Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2019
CVE-2018-20760
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-02-06
CVE-2018-20761
GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-02-06
CVE-2018-20762
GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-02-06
CVE-2018-20763
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-02-06
CVE-2018-7813
A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on pcwin.dll which could cause remote code to be executed when parsing a GD1 file
CVSS Score
7.8
EPSS Score
0.002
Published
2019-02-06
CVE-2018-7814
A Stack-based Buffer Overflow (CWE-121) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) which could cause remote code to be executed when parsing a GD1 file
CVSS Score
7.8
EPSS Score
0.002
Published
2019-02-06
CVE-2018-7815
A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on c3core.dll which could cause remote code to be executed when parsing a GD1 file
CVSS Score
7.8
EPSS Score
0.002
Published
2019-02-06
CVE-2018-7817
A Use After Free (CWE-416) vulnerability exists in Zelio Soft 2 v5.1 and prior versions which could cause remote code execution when opening a specially crafted Zelio Soft project file.
CVSS Score
7.8
EPSS Score
0.007
Published
2019-02-06
CVE-2018-7839
A Cryptographic Issue (CWE-310) vulnerability exists in IIoT Monitor 3.1.38 which could allow information disclosure.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-02-06
CVE-2019-7547
An issue was discovered in SIDU 6.0. Because the database name is not strictly filtered, the attacker can insert a name containing an XSS Payload, leading to stored XSS.
CVSS Score
4.8
EPSS Score
0.002
Published
2019-02-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved