Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2018
CVE-2018-7405
Cross-site scripting (XSS) in Zoho ManageEngine EventLog Analyzer before 11.12 Build 11120 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.005
Published
2018-03-13
CVE-2017-17442
In BlackBerry UEM Management Console version 12.7.1 and earlier, a reflected cross-site scripting vulnerability that could allow an attacker to execute script commands in the context of the affected UEM Management Console account by crafting a malicious link and then persuading a user with legitimate access to the Management Console to click on the malicious link.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-03-13
CVE-2018-7750
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.
CVSS Score
9.8
EPSS Score
0.209
Published
2018-03-13
CVE-2017-1002101
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem.
CVSS Score
8.8
EPSS Score
0.33
Published
2018-03-13
CVE-2017-1002102
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using a secret, configMap, projected or downwardAPI volume can trigger deletion of arbitrary files/directories from the nodes where they are running.
CVSS Score
7.1
EPSS Score
0.004
Published
2018-03-13
CVE-2018-6294
Unsecured way of firmware update in Hanwha Techwin Smartcams
CVSS Score
9.8
EPSS Score
0.005
Published
2018-03-13
CVE-2018-6295
Unencrypted way of remote control and communications in Hanwha Techwin Smartcams
CVSS Score
9.8
EPSS Score
0.003
Published
2018-03-13
CVE-2018-6296
An undocumented (hidden) capability for switching the web interface in Hanwha Techwin Smartcams
CVSS Score
5.3
EPSS Score
0.003
Published
2018-03-13
CVE-2018-6297
Buffer overflow in Hanwha Techwin Smartcams
CVSS Score
9.8
EPSS Score
0.006
Published
2018-03-13
CVE-2018-6298
Remote code execution in Hanwha Techwin Smartcams
CVSS Score
9.8
EPSS Score
0.034
Published
2018-03-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved