Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2019
CVE-2019-9777
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec.
CVSS Score
7.5
EPSS Score
0.024
Published
2019-03-14
CVE-2019-9778
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.
CVSS Score
7.5
EPSS Score
0.024
Published
2019-03-14
CVE-2019-9779
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776).
CVSS Score
7.5
EPSS Score
0.024
Published
2019-03-14
CVE-2019-9765
In Blog_mini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails() function, related to app/templates/_article_comments.html.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-03-14
CVE-2019-9766
Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .mp3 file.
CVSS Score
7.8
EPSS Score
0.201
Published
2019-03-14
CVE-2019-9767
Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wma file.
CVSS Score
7.8
EPSS Score
0.031
Published
2019-03-14
CVE-2019-9768
Thinkst Canarytokens through commit hash 4e89ee0 (2019-03-01) relies on limited variation in size, metadata, and timestamp, which makes it easier for attackers to estimate whether a Word document contains a token.
CVSS Score
7.5
EPSS Score
0.372
Published
2019-03-14
CVE-2019-9769
PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator.
CVSS Score
8.8
EPSS Score
0.003
Published
2019-03-14
CVE-2019-9770
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the y dimension.
CVSS Score
7.5
EPSS Score
0.028
Published
2019-03-14
CVE-2019-9771
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function bit_convert_TU at bits.c.
CVSS Score
7.5
EPSS Score
0.025
Published
2019-03-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved