Security Vulnerabilities - CVEs Published In March 2017
CSRF exists in BigTree CMS 4.1.18 with the nav-social[#] parameter to the admin/settings/update/ page. The Navigation Social can be changed.
CVSS Score: 4.3; EPSS Score: 0.001; Published: 2017-03-15
CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. The Colophon can be changed.
CVSS Score: 4.3; EPSS Score: 0.001; Published: 2017-03-15
CSRF exists in BigTree CMS 4.2.16 with the value[#][*] parameter to the admin/settings/update/ page. The Navigation Social can be changed.
CVSS Score: 4.3; EPSS Score: 0.001; Published: 2017-03-15
Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet.
CVSS Score: 7.8; EPSS Score: 0.006; Published: 2017-03-15
The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted filter.
CVSS Score: 5.5; EPSS Score: 0.002; Published: 2017-03-15
Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the W_AD1 parameter to Forms/oadmin_1.
CVSS Score: 6.1; EPSS Score: 0.02; Published: 2017-03-15
Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVSS Score: 6.0; EPSS Score: 0.0; Published: 2017-03-15
Memory leak in the vrend_renderer_context_create_internal function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) by repeatedly creating a decode context.
CVSS Score: 6.5; EPSS Score: 0.001; Published: 2017-03-15
Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable.
CVSS Score: 9.8; EPSS Score: 0.083; Published: 2017-03-15
The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
CVSS Score: 5.5; EPSS Score: 0.01; Published: 2017-03-15

