Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2018
CVE-2018-12932
PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by triggering a large pAlphaBlend->cbBitsSrc value.
CVSS Score
9.8
EPSS Score
0.009
Published
2018-06-28
CVE-2018-12933
PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact because the attacker controls the pCreatePen->ihPen array index.
CVSS Score
9.8
EPSS Score
0.009
Published
2018-06-28
CVE-2018-12934
remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.
CVSS Score
7.5
EPSS Score
0.007
Published
2018-06-28
CVE-2018-12920
Brickstream 2300 devices allow remote attackers to obtain potentially sensitive information via a direct request for the basic.html#ipsettings or basic.html#datadelivery URI.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-06-28
CVE-2018-12921
Electro Industries GaugeTech Nexus devices allow remote attackers to obtain potentially sensitive information via a direct request for the meter_information.htm, diag_system.htm, or diag_dnp_lan_wan.htm URI.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-06-28
CVE-2018-12922
Emerson Liebert IntelliSlot Web Card devices allow remote attackers to reconfigure access control via the config/configUser.htm or config/configTelnet.htm URI.
CVSS Score
7.5
EPSS Score
0.002
Published
2018-06-28
CVE-2018-12923
BWS Systems HA-Bridge devices allow remote attackers to obtain potentially sensitive information via a direct request for the #!/system URI.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-06-28
CVE-2018-12924
Sollae Serial-Ethernet-Module and Remote-I/O-Device-Server devices have a default password of sollae for the TELNET service.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-06-28
CVE-2018-12925
Baseon Lantronix MSS devices do not require a password for TELNET access.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-06-28
CVE-2018-12926
Pharos Controls devices allow remote attackers to obtain potentially sensitive information via a direct request for the default/index.lsp or default/log.lsp URI.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-06-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved