Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2020
CVE-2020-9315
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE: a related support policy can be found in the www.oracle.com references attached to this CVE.
CVSS Score
7.5
EPSS Score
0.868
Published
2020-05-10
CVE-2020-12767
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.
CVSS Score
5.5
EPSS Score
0.002
Published
2020-05-09
CVE-2020-12768
An issue was discovered in the Linux kernel before 5.6. svm_cpu_uninit in arch/x86/kvm/svm.c has a memory leak, aka CID-d80b64ff297e. NOTE: third parties dispute this issue because it's a one-time leak at the boot, the size is negligible, and it can't be triggered at will
CVSS Score
5.5
EPSS Score
0.001
Published
2020-05-09
CVE-2020-12769
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-05-09
CVE-2020-12770
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
CVSS Score
6.7
EPSS Score
0.001
Published
2020-05-09
CVE-2020-12771
An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-05-09
CVE-2019-20795
iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability.
CVSS Score
4.4
EPSS Score
0.0
Published
2020-05-09
CVE-2020-12764
Gnuteca 3.8 allows file.php?folder=/&file= Directory Traversal.
CVSS Score
5.3
EPSS Score
0.001
Published
2020-05-09
CVE-2020-12765
Solis Miolo 2.0 allows index.php?module=install&action=view&item= Directory Traversal.
CVSS Score
5.3
EPSS Score
0.001
Published
2020-05-09
CVE-2020-12766
Gnuteca 3.8 allows action=main:search:simpleSearch SQL Injection via the exemplaryStatusId parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2020-05-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved