Security Vulnerabilities - CVEs Published In March 2018
Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attackers to obtain Global Administrator access by visiting CMSInstall/install.aspx and then navigating to the CMS Administration Dashboard.
CVSS Score
9.8
EPSS Score
0.911
Published
2018-03-23
Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a CGI injection vulnerability which could be used to execute remote code. A remote unauthenticated attacker may potentially be able to use CGI variables to execute remote code.
CVSS Score
9.8
EPSS Score
0.933
Published
2018-03-23
Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a path traversal vulnerability in its Web server's URI parser which could be used to obtain specific sensitive data without authentication. A remote unauthenticated attacker may be able to read configuration settings from the iDRAC by querying specific URI strings.
CVSS Score
7.5
EPSS Score
0.011
Published
2018-03-23
The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-03-22
The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault) via a crafted file.
CVSS Score
6.5
EPSS Score
0.003
Published
2018-03-22
The stereo_processing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file, related to ff_ps_apply.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-03-22
Open-AudIT Professional 2.1 allows XSS via the Name or Description field on the Credentials screen.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-03-22
Xiuno BBS 4.0.0 has XSS in the adminpage sitename parameter.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-03-22
There is a SQL injection in the PHPSHE 1.6 userbank parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-03-22
PHPOK 4.8.338 has an arbitrary file upload vulnerability.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-03-22

