Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2017
CVE-2016-10371
The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF file.
CVSS Score
5.5
EPSS Score
0.005
Published
2017-05-10
CVE-2017-5891
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 have Login Page CSRF and Save Settings CSRF.
CVSS Score
8.8
EPSS Score
0.002
Published
2017-05-10
CVE-2017-5892
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow JSONP Information Disclosure such as a network map.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-05-10
CVE-2017-8868
acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via directory traversal in the delete parameter to acp/acp.php. The risk might be limited to requests submitted through CSRF.
CVSS Score
7.5
EPSS Score
0.006
Published
2017-05-10
CVE-2017-8872
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.
CVSS Score
9.1
EPSS Score
0.003
Published
2017-05-10
CVE-2017-8874
Multiple cross-site request forgery (CSRF) vulnerabilities in Mautic 1.4.1 allow remote attackers to hijack the authentication of users for requests that (1) delete email campaigns or (2) delete contacts.
CVSS Score
8.8
EPSS Score
0.001
Published
2017-05-10
CVE-2017-8875
CSRF in the Clean Login plugin before 1.8 for WordPress allows remote attackers to change the login redirect URL or logout redirect URL.
CVSS Score
6.5
EPSS Score
0.001
Published
2017-05-10
CVE-2017-8876
Symphony 2 2.6.11 has XSS in the meta[navigation_group] parameter to content/content.blueprintssections.php.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-05-10
CVE-2017-8877
ASUS RT-AC* and RT-N* devices with firmware through 3.0.0.4.380.7378 allow JSONP Information Disclosure such as the SSID.
CVSS Score
6.5
EPSS Score
0.003
Published
2017-05-10
CVE-2017-8878
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow remote authenticated users to discover the Wi-Fi password via WPS_info.xml.
CVSS Score
6.5
EPSS Score
0.002
Published
2017-05-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved