Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2018
CVE-2018-1447
The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6) CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of passwords. A weak password may be recovered. Note: After update the customer should change password to ensure the new password is stored more securely. Products should encourage customers to take this step as a high priority action. IBM X-Force ID: 139972.
CVSS Score
5.1
EPSS Score
0.001
Published
2018-04-04
CVE-2018-1469
IBM API Connect Developer Portal 5.0.0.0 through 5.0.8.2 could allow an unauthenticated attacker to execute system commands using specially crafted HTTP requests. IBM X-Force ID: 140605.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-04-04
CVE-2018-9119
An attacker with physical access to a BrilliantTS FUZE card (MCU firmware 0.1.73, BLE firmware 0.7.4) can unlock the card, extract credit card numbers, and tamper with data on the card via Bluetooth because no authentication is needed, as demonstrated by gatttool.
CVSS Score
6.1
EPSS Score
0.001
Published
2018-04-04
CVE-2018-9275
In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors).
CVSS Score
8.2
EPSS Score
0.003
Published
2018-04-04
CVE-2016-10230
A remote code execution vulnerability in the Qualcomm crypto driver. Product: Android. Versions: Android kernel. Android ID: A-34389927. References: QC-CR#1091408.
CVSS Score
9.8
EPSS Score
0.075
Published
2018-04-04
CVE-2016-10231
An elevation of privilege vulnerability in the Qualcomm sound codec driver. Product: Android. Versions: Android kernel. Android ID: A-33966912. References: QC-CR#1096799.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-04-04
CVE-2016-10232
An elevation of privilege vulnerability in the Qualcomm video driver. Product: Android. Versions: Android kernel. Android ID: A-34386696. References: QC-CR#1024872.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-04-04
CVE-2016-10233
An elevation of privilege vulnerability in the Qualcomm video driver. Product: Android. Versions: Android kernel. Android ID: A-34389926. References: QC-CR#897452.
CVSS Score
9.8
EPSS Score
0.006
Published
2018-04-04
CVE-2016-10234
An information disclosure vulnerability in the Qualcomm IPA driver. Product: Android. Versions: Android kernel. Android ID: A-34390017. References: QC-CR#1069060.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-04-04
CVE-2016-10235
A denial of service vulnerability in the Qualcomm WiFi driver. Product: Android. Versions: Android kernel. Android ID: A-34390620. References: QC-CR#1046409.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-04-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved