Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2017
CVE-2017-7219
A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.016
Published
2017-04-13
CVE-2012-6697
InspIRCd before 2.0.7 allows remote attackers to cause a denial of service (infinite loop).
CVSS Score
7.5
EPSS Score
0.011
Published
2017-04-13
CVE-2014-2710
Multiple cross-site scripting (XSS) vulnerabilities in Oliver (formerly Webshare) 1.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the (1) login page (index.php) or (2) login form (loginform-inc.php).
CVSS Score
6.1
EPSS Score
0.003
Published
2017-04-13
CVE-2015-1838
modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.
CVSS Score
5.3
EPSS Score
0.002
Published
2017-04-13
CVE-2015-1839
modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.
CVSS Score
5.3
EPSS Score
0.001
Published
2017-04-13
CVE-2015-6674
Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836.
CVSS Score
9.8
EPSS Score
0.016
Published
2017-04-13
CVE-2015-7565
Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before 2.2.1 allows remote attackers to inject arbitrary web script or HTML.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-04-13
CVE-2015-7740
Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851 and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) via vectors involving an application that passes crafted input to the GPU driver.
CVSS Score
5.5
EPSS Score
0.0
Published
2017-04-13
CVE-2015-8107
Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.017
Published
2017-04-13
CVE-2015-8223
Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) by leveraging camera permissions and via crafted input to the camera driver.
CVSS Score
5.5
EPSS Score
0.0
Published
2017-04-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved