Security Vulnerabilities - CVEs Published In April 2020
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this vulnerability, DLL substitution, could allow the transference of malicious code to the controller.
CVSS Score: 9.8; EPSS Score: 0.005; Published: 2020-04-22
A CWE-426: Untrusted Search Path vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and prior), which could cause arbitrary code execution on the system running Vijeo Basic when a malicious DLL library is loaded by the Product.
CVSS Score: 7.8; EPSS Score: 0.001; Published: 2020-04-22
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17.
CVSS Score: 8.8; EPSS Score: 0.002; Published: 2020-04-22
Certain NETGEAR devices are affected by authentication bypass. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17.
CVSS Score: 8.8; EPSS Score: 0.001; Published: 2020-04-22
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17.
CVSS Score: 8.8; EPSS Score: 0.001; Published: 2020-04-22
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17.
CVSS Score: 8.8; EPSS Score: 0.007; Published: 2020-04-22
An issue was discovered in Elementor 2.7.4. Arbitrary file upload is possible in the Elementor Import Templates function, allowing an attacker to execute code via a crafted ZIP archive.
CVSS Score: 9.9; EPSS Score: 0.021; Published: 2020-04-22
jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG element. NOTE: this vulnerability has been reported to be a spam entry.
CVSS Score: 6.1; EPSS Score: 0.003; Published: 2020-04-22
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42.
CVSS Score: 8.8; EPSS Score: 0.004; Published: 2020-04-22
Teeworlds before 0.7.4 has an integer overflow when computing a tilemap size.
CVSS Score: 9.8; EPSS Score: 0.007; Published: 2020-04-22

