Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2018
CVE-2018-6644
SBLIM Small Footprint CIM Broker (SFCB) 1.4.9 has a null pointer (DoS) vulnerability via a crafted POST request to the /cimom URI.
CVSS Score
7.5
EPSS Score
0.008
Published
2018-02-08
CVE-2018-6789
Known exploited
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.
CVSS Score
9.8
EPSS Score
0.85
Published
2018-02-08
CVE-2011-4889
The javax.naming.directory.AttributeInUseException class in the Virtual Member Manager in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.43, 7.0 before 7.0.0.21, and 8.0 before 8.0.0.2 does not properly update passwords on a configuration using Tivoli Directory Server, which might allow remote attackers to gain access to an application by leveraging knowledge of an old password. IBM X-Force ID: 72581.
CVSS Score
9.8
EPSS Score
0.008
Published
2018-02-08
CVE-2012-0941
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or (3) Log&Report Display modules, or the fields_sorted_opt parameter to (4) user/auth/list or (5) endpointcompliance/app_detect/predefined_sig_list.
CVSS Score
6.1
EPSS Score
0.009
Published
2018-02-08
CVE-2012-2166
IBM XIV Storage System 2810-A14 and 2812-A14 devices before level 10.2.4.e-2 and 2810-114 and 2812-114 devices before level 11.1.1 have hardcoded passwords for unspecified accounts, which allows remote attackers to gain user access via unknown vectors. IBM X-Force ID: 75041.
CVSS Score
9.8
EPSS Score
0.03
Published
2018-02-08
CVE-2012-3331
IBM Sametime allows remote attackers to obtain sensitive information from the Sametime Log database via a direct request to STLOG.NSF. IBM X-Force ID: 78048.
CVSS Score
5.3
EPSS Score
0.002
Published
2018-02-08
CVE-2012-5359
Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted ASF file.
CVSS Score
8.8
EPSS Score
0.008
Published
2018-02-08
CVE-2012-5360
Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted QT file.
CVSS Score
8.8
EPSS Score
0.008
Published
2018-02-08
CVE-2013-2830
Use-after-free vulnerability in SumatraPDF Reader 2.x before 2.2.1 allows remote attackers to execute arbitrary code via a crafted PDF file.
CVSS Score
7.8
EPSS Score
0.01
Published
2018-02-08
CVE-2013-3552
Nitro Pro 7.5.0.29 and earlier and Nitro Reader 2.5.0.45 and earlier allow remote attackers to execute arbitrary code via a crafted PDF file.
CVSS Score
7.8
EPSS Score
0.006
Published
2018-02-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved