Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2019
CVE-2018-7850
A CWE-807: Reliance on Untrusted Inputs in a Security Decision vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause invalid information displayed in Unity Pro software.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-05-22
CVE-2018-7851
CWE-119: Buffer errors vulnerability exists in Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, All firmware versions of Modicon Premium and 140CRA312xxx when sending a specially crafted Modbus packet, which could cause a denial of service to the device that would force a restart to restore availability.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-05-22
CVE-2018-7852
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when an invalid private command parameter is sent to the controller over Modbus.
CVSS Score
7.5
EPSS Score
0.148
Published
2019-05-22
CVE-2019-6812
A CWE-798 use of hardcoded credentials vulnerability exists in BMX-NOR-0200H with firmware versions prior to V1.7 IR 19 which could cause a confidentiality issue when using FTP protocol.
CVSS Score
7.2
EPSS Score
0.003
Published
2019-05-22
CVE-2019-6814
A CWE-287: Improper Authentication vulnerability exists in the NET55XX Encoder with firmware prior to version 2.1.9.7 which could cause impact to confidentiality, integrity, and availability when a remote attacker crafts a malicious request to the encoder webUI.
CVSS Score
9.8
EPSS Score
0.669
Published
2019-05-22
CVE-2017-5863
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
CVSS Score
9.8
EPSS Score
0.006
Published
2019-05-22
CVE-2017-5864
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS).
CVSS Score
6.1
EPSS Score
0.004
Published
2019-05-22
CVE-2017-5871
Odoo Version <= 8.0-20160726 and Version 9 is affected by: CWE-601: Open redirection. The impact is: obtain sensitive information (remote).
CVSS Score
5.4
EPSS Score
0.027
Published
2019-05-22
CVE-2017-5984
In libavcodec in Libav 9.21, ff_h264_execute_ref_pic_marking() has a heap-based buffer over-read.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-05-22
CVE-2017-6912
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-05-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved