Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2018
CVE-2018-1000039
In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.
CVSS Score
7.8
EPSS Score
0.007
Published
2018-05-24
CVE-2018-11411
The transferFrom function of a smart contract implementation for DimonCoin (FUD), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer all victims' balances into their account) because certain computations involving _value are incorrect.
CVSS Score
7.5
EPSS Score
0.002
Published
2018-05-24
CVE-2018-11403
DomainMod v4.09.03 has XSS via the assets/edit/account-owner.php oid parameter.
CVSS Score
5.4
EPSS Score
0.004
Published
2018-05-24
CVE-2018-11404
DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php sslpaid parameter.
CVSS Score
6.1
EPSS Score
0.005
Published
2018-05-24
CVE-2018-11405
Kliqqi 2.0.2 has CSRF in admin/admin_users.php.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-05-24
CVE-2018-11410
An issue was discovered in Liblouis 3.5.0. A invalid free in the compileRule function in compileTranslationTable.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
CVSS Score
9.8
EPSS Score
0.008
Published
2018-05-24
CVE-2018-11399
SimpliSafe Original has Unencrypted Sensor Transmissions, which allows physically proximate attackers to obtain potentially sensitive information about the specific times when alarm-system events occur.
CVSS Score
4.3
EPSS Score
0.0
Published
2018-05-24
CVE-2018-11400
In SimpliSafe Original, the Base Station fails to detect tamper attempts: it does not send a notification if a physically proximate attacker removes the battery and external power.
CVSS Score
4.6
EPSS Score
0.001
Published
2018-05-24
CVE-2018-11401
In SimpliSafe Original, RF Interference (e.g., an extremely strong 433.92 MHz signal) by a physically proximate attacker does not cause a notification.
CVSS Score
4.6
EPSS Score
0.001
Published
2018-05-24
CVE-2018-11402
SimpliSafe Original has Unencrypted Keypad Transmissions, which allows physically proximate attackers to discover the PIN.
CVSS Score
6.6
EPSS Score
0.0
Published
2018-05-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved