Security Vulnerabilities - CVEs Published In May 2020
Symantec IT Analytics, prior to 2.9.1, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can potentially enable attackers to inject client-side scripts into web pages viewed by other users.
CVSS Score
4.8
EPSS Score
0.005
Published
2020-05-13
TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting in remote code execution via a crafted Java object to the recorder/ServiceManager?service=tyler.empire.settings.SettingManager URI.
CVSS Score
8.8
EPSS Score
0.019
Published
2020-05-13
The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space.
CVSS Score
8.8
EPSS Score
0.001
Published
2020-05-13
TRENDnet ProView Wireless camera TV-IP512WN 1.0R 1.0.4 is vulnerable to an unauthenticated stack-based buffer overflow in handling RTSP packets. This may result in remote code execution or denial of service. The issue is in the binary rtspd (in /sbin) when parsing a long "Authorization: Basic" RTSP header.
CVSS Score
9.8
EPSS Score
0.037
Published
2020-05-13
An Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS. This issue affects: openSUSE open-build-service versions prior to 7cc32c8e2ff7290698e101d9a80a9dc29a5500fb.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-05-13
Ping Identity PingID SSH before 4.0.14 contains a heap buffer overflow in PingID-enrolled servers. This condition can potentially be exploited for remote code execution on the authenticating endpoint.
CVSS Score
9.8
EPSS Score
0.075
Published
2020-05-13
The direct_mail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries.
CVSS Score
5.3
EPSS Score
0.003
Published
2020-05-13
The direct_mail extension through 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables.
CVSS Score
4.3
EPSS Score
0.001
Published
2020-05-13
The direct_mail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-05-13
The direct_mail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query.
CVSS Score
4.3
EPSS Score
0.001
Published
2020-05-13

