Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2020
CVE-2019-20534
An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can view home-screen wallpaper by adjusting the brightness of a locked screen. The Samsung ID is SVE-2019-15540 (December 2019).
CVSS Score
2.4
EPSS Score
0.0
Published
2020-03-24
CVE-2019-18242
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, frequent and multiple requests for short-term use may cause the web server to fail.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-03-24
CVE-2020-6972
In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser.
CVSS Score
9.1
EPSS Score
0.001
Published
2020-03-24
CVE-2019-4553
IBM API Connect V5.0.0.0 through 5.0.8.7iFix3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165958.
CVSS Score
5.9
EPSS Score
0.001
Published
2020-03-24
CVE-2019-4681
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 171734.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-03-24
CVE-2020-10385
A stored cross-site scripting (XSS) vulnerability exists in the WPForms Contact Form (aka wpforms-lite) plugin before 1.5.9 for WordPress.
CVSS Score
5.4
EPSS Score
0.006
Published
2020-03-24
CVE-2020-10938
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.
CVSS Score
9.8
EPSS Score
0.003
Published
2020-03-24
CVE-2020-4253
IBM Content Navigator 3.0CD does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 175559.
CVSS Score
6.3
EPSS Score
0.002
Published
2020-03-24
CVE-2020-4309
IBM Content Navigator 3.0CD could disclose sensitive information to an unauthenticated user which could be used to aid in further attacks against the system. IBM X-Force ID: 177080.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-03-24
CVE-2020-10931
Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c.
CVSS Score
7.5
EPSS Score
0.173
Published
2020-03-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved