Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2017
CVE-2017-7361
Pixie 1.0.4 allows an admin/index.php s=publish&m=static&x= XSS attack.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-03-31
CVE-2017-7362
Pixie 1.0.4 allows an admin/index.php s=publish&m=dynamic&x= XSS attack.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-03-31
CVE-2017-7363
Pixie 1.0.4 allows an admin/index.php s=publish&m=module&x= XSS attack.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-03-31
CVE-2016-9319
There is Missing SSL Certificate Validation in the Trend Micro Enterprise Mobile Security Android Application before 9.7.1193, aka VRTS-398.
CVSS Score
5.9
EPSS Score
0.004
Published
2017-03-31
CVE-2017-7346
The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-03-30
CVE-2017-7253
Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low-privilege credentials to list all users via a request to a certain URI. 2. Login to the IP camera with admin credentials so as to obtain full control of the target IP camera. During exploitation, the first JSON object encountered has a "Component error: login challenge!" message. The second JSON object encountered has a result indicating a successful admin login.
CVSS Score
8.8
EPSS Score
0.01
Published
2017-03-30
CVE-2017-5184
A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow leakage of information (account enumeration).
CVSS Score
5.3
EPSS Score
0.003
Published
2017-03-30
CVE-2017-5185
A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow remote denial of service.
CVSS Score
7.5
EPSS Score
0.006
Published
2017-03-30
CVE-2017-6182
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304.
CVSS Score
9.8
EPSS Score
0.143
Published
2017-03-30
CVE-2017-6183
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314.
CVSS Score
7.2
EPSS Score
0.026
Published
2017-03-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved