Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2018
CVE-2018-5254
Arista EOS before 4.20.2F allows remote BGP peers to cause a denial of service (Rib agent restart) via a malformed path attribute in an UPDATE message.
CVSS Score
7.5
EPSS Score
0.006
Published
2018-04-12
CVE-2018-10063
The Convert Forms extension before 2.0.4 for Joomla! is vulnerable to Remote Command Execution using CSV Injection that is mishandled when exporting a Leads file.
CVSS Score
7.8
EPSS Score
0.033
Published
2018-04-12
CVE-2018-3861
A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-04-12
CVE-2018-3862
A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting
CVSS Score
8.8
EPSS Score
0.003
Published
2018-04-12
CVE-2018-3868
A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-04-12
CVE-2018-3889
A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-04-12
CVE-2018-10068
The jDownloads extension before 3.2.59 for Joomla! has XSS.
CVSS Score
6.1
EPSS Score
0.04
Published
2018-04-12
CVE-2018-10071
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x953826DB DeviceIoControl call.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-04-12
CVE-2018-10072
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x953827bf DeviceIoControl call.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-04-12
CVE-2018-10073
joyplus-cms 1.6.0 has XSS in manager/admin_vod.php via the keyword parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-04-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved