Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2017
CVE-2017-6835
The reset1 function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file.
CVSS Score
5.5
EPSS Score
0.013
Published
2017-03-20
CVE-2017-6836
Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 allows remote attackers to cause a denial of service (crash) via a crafted file.
CVSS Score
5.5
EPSS Score
0.013
Published
2017-03-20
CVE-2017-6837
WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via vectors related to a large number of coefficients.
CVSS Score
5.5
EPSS Score
0.028
Published
2017-03-20
CVE-2014-9847
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.
CVSS Score
9.8
EPSS Score
0.035
Published
2017-03-20
CVE-2014-9848
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
CVSS Score
7.5
EPSS Score
0.021
Published
2017-03-20
CVE-2014-9849
The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).
CVSS Score
7.5
EPSS Score
0.016
Published
2017-03-20
CVE-2014-9850
Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).
CVSS Score
7.5
EPSS Score
0.016
Published
2017-03-20
CVE-2014-9851
ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).
CVSS Score
7.5
EPSS Score
0.02
Published
2017-03-20
CVE-2015-1610
hosttracker in OpenDaylight l2switch allows remote attackers to change the host location information by spoofing the MAC address, aka "topology spoofing."
CVSS Score
5.3
EPSS Score
0.003
Published
2017-03-20
CVE-2015-8954
The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a crafted HTTP request.
CVSS Score
9.8
EPSS Score
0.019
Published
2017-03-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved