Security Vulnerabilities - CVEs Published In March 2019
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at dwg.spec.
CVSS Score: 7.5; EPSS Score: 0.024; Published: 2019-03-14
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension.
CVSS Score: 7.5; EPSS Score: 0.027; Published: 2019-03-14
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c.
CVSS Score: 9.1; EPSS Score: 0.031; Published: 2019-03-14
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec.
CVSS Score: 9.1; EPSS Score: 0.031; Published: 2019-03-14
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779).
CVSS Score: 7.5; EPSS Score: 0.024; Published: 2019-03-14
FTPGetter Standard v.5.97.0.177 allows remote code execution when a user initiates an FTP connection to an attacker-controlled machine that sends crafted responses. Long responses can also crash the FTP client with memory corruption.
CVSS Score: 9.8; EPSS Score: 0.738; Published: 2019-03-14
An XXE issue was discovered in PHPSHE 1.7, which can be used to read any file in the system or scan the internal network without authentication. This occurs because of the call to wechat_getxml in include/plugin/payment/wechat/notify_url.php.
CVSS Score: 7.5; EPSS Score: 0.006; Published: 2019-03-14
A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment/alipay/pay.php with the parameter id. The vulnerability does not need any authentication.
CVSS Score: 9.8; EPSS Score: 0.597; Published: 2019-03-14
An issue was discovered in Open Ticket Request System (OTRS) 5.0.31 and 6.0.13. Users updating to 6.0.13 (also patchlevel updates) or 5.0.31 (only major updates) will experience data loss in their agent preferences table.
CVSS Score: 6.5; EPSS Score: 0.002; Published: 2019-03-13
In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, 12.1.0-12.1.3.6, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, when processing fragmented ClientHello messages in a DTLS session, TMM may corrupt memory, eventually leading to a crash. Only systems offering DTLS connections via APM are impacted.
CVSS Score: 7.5; EPSS Score: 0.008; Published: 2019-03-13

