Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2019
CVE-2019-9895
In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding.
CVSS Score
9.8
EPSS Score
0.01
Published
2019-03-21
CVE-2019-9896
In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable.
CVSS Score
7.8
EPSS Score
0.022
Published
2019-03-21
CVE-2019-9897
Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.
CVSS Score
7.5
EPSS Score
0.02
Published
2019-03-21
CVE-2019-9898
Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.
CVSS Score
9.8
EPSS Score
0.044
Published
2019-03-21
CVE-2019-8938
VertrigoServ 2.17 allows XSS via the /inc/extensions.php ext parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-03-21
CVE-2019-9083
SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanager/main.php dbsel parameter. NOTE: This product is discontinued.
CVSS Score
9.8
EPSS Score
0.02
Published
2019-03-21
CVE-2019-9093
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in file/file/upload in Humhub 1.3.10 Community Edition. The user-supplied input containing a JavaScript payload in the filename parameter is echoed back, which resulted in reflected XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-03-21
CVE-2019-9094
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in /s/adada/cfiles/upload in Humhub 1.3.10 Community Edition. The user-supplied input containing JavaScript in the filename is echoed back in JavaScript code, which resulted in XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-03-21
CVE-2019-8934
hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest.
CVSS Score
3.3
EPSS Score
0.001
Published
2019-03-21
CVE-2019-7421
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.login/gnb/loginView.sws" in multiple parameters: contextpath and basedURL.
CVSS Score
6.1
EPSS Score
0.006
Published
2019-03-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved