Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2018
CVE-2018-9320
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-05-31
CVE-2018-9322
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows local attacks involving the USB or OBD-II interface. An attacker can bypass the code-signing protection mechanism for firmware updates, and consequently obtain a root shell.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-05-31
CVE-2018-11583
SeaCMS 6.61 has stored XSS in admin_collect.php via the siteurl parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-05-31
CVE-2018-11579
class-woo-banner-management.php in the MULTIDOTS WooCommerce Category Banner Management plugin 1.1.0 for WordPress has an Unauthenticated Settings Change Vulnerability, related to certain wp_ajax_nopriv_ usage. Anyone can change the plugin's setting by simply sending a request with a wbm_save_shop_page_banner_data action.
CVSS Score
5.3
EPSS Score
0.002
Published
2018-05-31
CVE-2018-11580
An issue was discovered in mass-pages-posts-creator.php in the MULTIDOTS Mass Pages/Posts Creator plugin 1.2.2 for WordPress. Any logged in user can launch Mass Pages/Posts creation with custom content. There is no nonce or user capability check, so anyone can launch a DoS attack against a site and create hundreds of thousands of posts with custom content.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-05-31
CVE-2018-11571
ClipperCMS 1.3.3 allows Session Fixation.
CVSS Score
8.8
EPSS Score
0.003
Published
2018-05-31
CVE-2018-11572
ClipperCMS 1.3.3 has XSS in the "Module name" field in a "Modules -> Manage modules -> edit" action to the manager/ URI.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-05-31
CVE-2018-11575
ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-05-31
CVE-2018-11576
ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-05-31
CVE-2018-11577
Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c.
CVSS Score
8.8
EPSS Score
0.003
Published
2018-05-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved