Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2020
CVE-2020-13622
JerryScript 2.2.0 allows attackers to cause a denial of service (assertion failure) because a property key query for a Proxy object returns unintended data.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-05-27
CVE-2020-13623
JerryScript 2.2.0 allows attackers to cause a denial of service (stack consumption) via a proxy operation.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-05-27
CVE-2020-13616
The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification.
CVSS Score
5.9
EPSS Score
0.003
Published
2020-05-26
CVE-2020-13614
An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification.
CVSS Score
5.9
EPSS Score
0.006
Published
2020-05-26
CVE-2020-13615
lib/QoreSocket.cpp in Qore before 0.9.4.2 lacks hostname verification for X.509 certificates.
CVSS Score
5.9
EPSS Score
0.002
Published
2020-05-26
CVE-2020-9046
A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files.
CVSS Score
8.8
EPSS Score
0.0
Published
2020-05-26
CVE-2020-12388
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.
CVSS Score
10.0
EPSS Score
0.009
Published
2020-05-26
CVE-2020-12389
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.
CVSS Score
10.0
EPSS Score
0.006
Published
2020-05-26
CVE-2020-12390
Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox < 76.
CVSS Score
9.8
EPSS Score
0.015
Published
2020-05-26
CVE-2020-12391
Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability affects Firefox < 76.
CVSS Score
7.5
EPSS Score
0.007
Published
2020-05-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved