Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2018
CVE-2018-12915
In libpbc.a in PBC through 2017-03-02, there is a buffer over-read in calc_hash in map.c.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-06-27
CVE-2018-12916
In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in _pbcP_message_default in proto.c.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-06-27
CVE-2018-12917
In libpbc.a in PBC through 2017-03-02, there is a heap-based buffer over-read in _pbcM_ip_new in map.c.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-06-27
CVE-2018-12918
In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in _pbcB_register_fields in bootstrap.c.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-06-27
CVE-2018-12919
In CraftedWeb through 2013-09-24, aasp_includes/pages/notice.php allows XSS via the e parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-06-27
CVE-2018-1306
The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload. An attacker could exploit this vulnerability to obtain configuration data and other sensitive information.
CVSS Score
7.5
EPSS Score
0.698
Published
2018-06-27
CVE-2018-1457
An undisclosed vulnerability in IBM Rational DOORS 9.5.1 through 9.6.1.10 application allows an attacker to gain DOORS administrator privileges. IBM X-Force ID: 140208.
CVSS Score
8.1
EPSS Score
0.005
Published
2018-06-27
CVE-2018-1507
IBM DOORS Next Generation (DNG/RRC) 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141415.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-06-27
CVE-2018-1543
IBM WebSphere MQ 8.0 and 9.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 142598.
CVSS Score
5.9
EPSS Score
0.001
Published
2018-06-27
CVE-2018-1553
IBM WebSphere Application Server Liberty prior to 18.0.0.2 could allow a remote attacker to obtain sensitive information, caused by mishandling of exceptions by the SAML Web SSO feature. IBM X-Force ID: 142890.
CVSS Score
5.3
EPSS Score
0.003
Published
2018-06-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved