Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2019
CVE-2019-0676
Known exploited
An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory.An attacker who successfully exploited this vulnerability could test for the presence of files on disk, aka 'Internet Explorer Information Disclosure Vulnerability'.
CVSS Score
6.5
EPSS Score
0.245
Published
2019-03-05
CVE-2019-0686
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0724.
CVSS Score
7.4
EPSS Score
0.032
Published
2019-03-05
CVE-2019-0724
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0686.
CVSS Score
8.1
EPSS Score
0.614
Published
2019-03-05
CVE-2019-0728
A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project, aka 'Visual Studio Code Remote Code Execution Vulnerability'.
CVSS Score
7.8
EPSS Score
0.116
Published
2019-03-05
CVE-2019-0729
An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'.
CVSS Score
9.8
EPSS Score
0.016
Published
2019-03-05
CVE-2019-0741
An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive information, aka 'Azure IoT Java SDK Information Disclosure Vulnerability'.
CVSS Score
7.5
EPSS Score
0.035
Published
2019-03-05
CVE-2019-0742
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0743.
CVSS Score
5.4
EPSS Score
0.005
Published
2019-03-05
CVE-2019-0743
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0742.
CVSS Score
5.4
EPSS Score
0.005
Published
2019-03-05
CVE-2019-8336
HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters, because a token with literally "<hidden>" as its secret is used in unusual circumstances.
CVSS Score
8.1
EPSS Score
0.004
Published
2019-03-05
CVE-2019-9555
Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-03-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved