Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2020
CVE-2020-8945
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.
CVSS Score
7.5
EPSS Score
0.04
Published
2020-02-12
CVE-2020-8946
Netis WF2471 v1.2.30142 devices allow an authenticated attacker to execute arbitrary OS commands via shell metacharacters in the /cgi-bin-igd/sys_log_clean.cgi log_3g_type parameter.
CVSS Score
8.8
EPSS Score
0.01
Published
2020-02-12
CVE-2020-8947
functions_netflow.php in Artica Pandora FMS 7.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the index.php?operation/netflow/nf_live_view ip_dst, dst_port, or src_port parameter, a different vulnerability than CVE-2019-20224.
CVSS Score
7.2
EPSS Score
0.175
Published
2020-02-12
CVE-2013-7286
MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm
CVSS Score
7.5
EPSS Score
0.003
Published
2020-02-12
CVE-2020-7046
lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8 data in command parameters, as demonstrated by the unauthenticated triggering of a submission-login infinite loop.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-02-12
CVE-2020-7957
The IMAP and LMTP components in Dovecot 2.3.9 before 2.3.9.3 mishandle snippet generation when many characters must be read to compute the snippet and a trailing > character exists. This causes a denial of service in which the recipient cannot read all of their messages.
CVSS Score
3.1
EPSS Score
0.004
Published
2020-02-12
CVE-2011-4661
A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-02-12
CVE-2012-0951
A Memory Corruption Vulnerability exists in NVIDIA Graphics Drivers 29549 due to an unknown function in the file proc/driver/nvidia/registry.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-02-12
CVE-2013-2637
A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code.
CVSS Score
6.1
EPSS Score
0.014
Published
2020-02-12
CVE-2013-4395
Simple Machines Forum (SMF) through 2.0.5 has XSS
CVSS Score
6.1
EPSS Score
0.003
Published
2020-02-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved