Security Vulnerabilities - CVEs Published In March 2018
In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c.
CVSS Score: 8.8; EPSS Score: 0.003; Published: 2018-03-30
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a crafted .exe file, a different vulnerability than CVE-2018-8821.
CVSS Score: 5.5; EPSS Score: 0.001; Published: 2018-03-30
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.
CVSS Score: 5.5; EPSS Score: 0.003; Published: 2018-03-30
On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165.
CVSS Score: 9.8; EPSS Score: 0.013; Published: 2018-03-30
On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747.
CVSS Score: 6.1; EPSS Score: 0.004; Published: 2018-03-30
On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105.
CVSS Score: 7.8; EPSS Score: 0.008; Published: 2018-03-30
On Samsung mobile devices with N(7.x) software, attackers can install an arbitrary APK in the Secure Folder SD Card area because of faulty validation of a package signature and package name, aka SVE-2017-10932.
CVSS Score: 7.0; EPSS Score: 0.001; Published: 2018-03-30
On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991.
CVSS Score: 9.8; EPSS Score: 0.011; Published: 2018-03-30
In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. It could result in denial of service or information disclosure.
CVSS Score: 8.1; EPSS Score: 0.004; Published: 2018-03-30
In the DataBuf class in include/exiv2/types.hpp in Exiv2 0.26, an issue exists in the constructor with an initial buffer size. A large size value may lead to a SIGABRT during an attempt at memory allocation. NOTE: some third parties have been unable to reproduce the SIGABRT when using the 4-DataBuf-abort-1 PoC file.
CVSS Score: 6.5; EPSS Score: 0.003; Published: 2018-03-30

