Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2018
CVE-2018-8097
io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote attackers to execute arbitrary code via Code Injection in the where parameter.
CVSS Score
9.8
EPSS Score
0.106
Published
2018-03-14
CVE-2018-8108
The select component in bui through 2018-03-13 has XSS because it performs an escape operation on already-escaped text, as demonstrated by workGroupList text.
CVSS Score
6.1
EPSS Score
0.01
Published
2018-03-14
CVE-2018-8100
The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml.
CVSS Score
7.8
EPSS Score
0.002
Published
2018-03-14
CVE-2018-8101
The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-03-14
CVE-2018-8102
The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-03-14
CVE-2018-8103
The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-03-14
CVE-2018-8104
The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-03-14
CVE-2018-8105
The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-03-14
CVE-2018-8106
The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-03-14
CVE-2018-8107
The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-03-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved