Security Vulnerabilities - CVEs Published In May 2017
RealPlayer 16.0.2.32 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp4 file.
CVSS Score: 5.5
EPSS Score: 0.002
Published: 2017-05-29
RMI vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to execute internal commands without authentication via RMI ports.
CVSS Score: 9.8
EPSS Score: 0.044
Published: 2017-05-29
XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to read arbitrary files.
CVSS Score: 6.5
EPSS Score: 0.002
Published: 2017-05-29
Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Tuning Manager before 8.5.2-00 allows remote attackers to redirect authenticated users to arbitrary web sites.
CVSS Score: 6.1
EPSS Score: 0.002
Published: 2017-05-29
Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to redirect users to arbitrary web sites.
CVSS Score: 6.1
EPSS Score: 0.002
Published: 2017-05-29
Cross-site scripting vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to execute arbitrary JavaScript code.
CVSS Score: 5.4
EPSS Score: 0.002
Published: 2017-05-29
The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS.
CVSS Score: 9.8
EPSS Score: 0.012
Published: 2017-05-29
Bram Korsten Note through 1.2.0 is vulnerable to a reflected XSS in note-source\ui\editor.php (edit parameter).
CVSS Score: 6.1
EPSS Score: 0.002
Published: 2017-05-29
Lansweeper before 6.0.0.65 has XSS in an image retrieval URI, aka Bug 542782.
CVSS Score: 6.1
EPSS Score: 0.002
Published: 2017-05-29
A Plaintext Storage of a Password issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA. The application's configuration file contains parameters that represent passwords in plaintext.
CVSS Score: 9.8
EPSS Score: 0.002
Published: 2017-05-29

