Security Vulnerabilities - CVEs Published In April 2017
The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value.
CVSS Score: 7.5
EPSS Score: 0.003
Published: 2017-04-10
The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks.
CVSS Score: 9.8
EPSS Score: 0.005
Published: 2017-04-10
Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks.
CVSS Score: 7.5
EPSS Score: 0.003
Published: 2017-04-10
Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows directory traversal.
CVSS Score: 7.8
EPSS Score: 0.008
Published: 2017-04-10
Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has a format string issue in racadm getsystinfo.
CVSS Score: 9.8
EPSS Score: 0.008
Published: 2017-04-10
Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long SSH username or input.
CVSS Score: 9.8
EPSS Score: 0.009
Published: 2017-04-10
Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has XXE.
CVSS Score: 9.8
EPSS Score: 0.007
Published: 2017-04-10
Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 allows remote attackers to execute arbitrary administrative HTTP commands.
CVSS Score: 8.8
EPSS Score: 0.023
Published: 2017-04-10
Dell Integrated Remote Access Controller (iDRAC) 6 before 2.85 and 7/8 before 2.30.30.30 has XSS.
CVSS Score: 6.1
EPSS Score: 0.002
Published: 2017-04-10
Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv.
CVSS Score: 9.8
EPSS Score: 0.004
Published: 2017-04-10

