Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2017
CVE-2015-1588
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server 6 and OX AppSuite before 7.4.2-rev43, 7.6.0-rev38, and 7.6.1-rev21.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-06-08
CVE-2015-1786
Cross-site request forgery (CSRF) vulnerability in Zend/Validator/Csrf in Zend Framework 2.3.x before 2.3.6 via null or malformed token identifiers.
CVSS Score
8.8
EPSS Score
0.001
Published
2017-06-08
CVE-2015-2692
AdBlock before 2.21 allows remote attackers to block arbitrary resources on arbitrary websites and to disable arbitrary blocking filters.
CVSS Score
10.0
EPSS Score
0.006
Published
2017-06-08
CVE-2015-3634
The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function in the Slideshow plugin 2.2.8 through 2.2.21 for Wordpress allows remote attackers to read arbitrary Wordpress option values.
CVSS Score
7.5
EPSS Score
0.021
Published
2017-06-08
CVE-2015-3913
The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot) via a crafted ICMP request message.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-06-08
CVE-2016-6093
IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-06-08
CVE-2016-6098
IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
CVSS Score
8.1
EPSS Score
0.001
Published
2017-06-08
CVE-2016-8987
IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow an authenticated user to view incorrect item sets that they should not have access to view.
CVSS Score
4.3
EPSS Score
0.002
Published
2017-06-08
CVE-2016-9698
IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 1999960.
CVSS Score
8.1
EPSS Score
0.006
Published
2017-06-08
CVE-2016-9736
IBM WebSphere Application Server using malformed SOAP requests could allow a remote attacker to obtain sensitive information.
CVSS Score
5.3
EPSS Score
0.003
Published
2017-06-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved