Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2017
CVE-2017-9161
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:188:23.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
CVE-2017-9162
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:191:2.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
CVE-2017-9163
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in pxl-outline.c:106:54.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
CVE-2017-9164
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:16:11.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
CVE-2017-9165
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:17:11.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
CVE-2015-6817
PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username.
CVSS Score
8.1
EPSS Score
0.014
Published
2017-05-23
CVE-2015-8089
The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C00B851, and P7-L09 before P7-L09C92B851 allows local users to read or write to arbitrary kernel memory locations and consequently cause a denial of service (system crash) or gain privileges via a crafted application.
CVSS Score
7.8
EPSS Score
0.0
Published
2017-05-23
CVE-2015-8477
Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving flash message rendering.
CVSS Score
6.1
EPSS Score
0.004
Published
2017-05-23
CVE-2016-10073
The from method in library/core/class.email.php in Vanilla Forums before 2.3.1 allows remote attackers to spoof the email domain in sent messages and potentially obtain sensitive information via a crafted HTTP Host header, as demonstrated by a password reset request.
CVSS Score
7.5
EPSS Score
0.543
Published
2017-05-23
CVE-2016-1876
The backend service process in Lenovo Solution Center (aka LSC) before 3.3.0002 allows local users to gain SYSTEM privileges via unspecified vectors.
CVSS Score
7.8
EPSS Score
0.0
Published
2017-05-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved