Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2020
CVE-2020-5557
Cross-site scripting vulnerability in CuteNews 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-03-25
CVE-2019-4001
Improper input validation in Druva inSync Client 6.5.0 allows a local, authenticated attacker to execute arbitrary NodeJS code.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-03-24
CVE-2020-10942
In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-03-24
CVE-2020-6802
In Mozilla Bleach before 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option.
CVSS Score
6.1
EPSS Score
0.007
Published
2020-03-24
CVE-2020-6816
In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-03-24
CVE-2020-6991
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password requirements may allow an attacker to gain access using brute force.
CVSS Score
9.8
EPSS Score
0.003
Published
2020-03-24
CVE-2020-6997
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, sensitive information is transmitted over some web applications in cleartext.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-03-24
CVE-2020-7001
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-03-24
CVE-2020-7007
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-03-24
CVE-2020-8984
lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta allowed IP address spoofing via the X-Forwarded-For header.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-03-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved