Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2017
CVE-2017-1196
IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 123671.
CVSS Score
9.8
EPSS Score
0.003
Published
2017-06-07
CVE-2017-1305
IBM DOORS Next Generation (DNG/RRC) 6.0.2 and 6.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125459.
CVSS Score
5.4
EPSS Score
0.003
Published
2017-06-07
CVE-2017-4914
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue. Exploitation of this issue may allow a remote attacker to execute commands on the appliance.
CVSS Score
9.8
EPSS Score
0.133
Published
2017-06-07
CVE-2017-4917
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. This issue may allow plaintext credentials to be obtained.
CVSS Score
9.8
EPSS Score
0.001
Published
2017-06-07
CVE-2017-7563
In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing attackers to bypass the MT_EXECUTE_NEVER protection mechanism. This issue occurs because of inconsistency in the number of execute-never bits (one bit versus two bits).
CVSS Score
8.1
EPSS Score
0.003
Published
2017-06-07
CVE-2017-7564
In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service (secure world panic) via vectors involving debug exceptions and debug registers.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-06-07
CVE-2015-7326
XML External Entity (XXE) vulnerability in Milton Webdav before 2.7.0.3.
CVSS Score
9.8
EPSS Score
0.02
Published
2017-06-07
CVE-2015-7514
OpenStack Ironic 4.2.0 through 4.2.1 does not "clean" the disk after use, which allows remote authenticated users to obtain sensitive information.
CVSS Score
6.5
EPSS Score
0.002
Published
2017-06-07
CVE-2015-7723
AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack.
CVSS Score
7.8
EPSS Score
0.0
Published
2017-06-07
CVE-2015-7724
AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. NOTE: This vulnerability exists due to an incomplete fix for CVE-2015-7723.
CVSS Score
7.8
EPSS Score
0.0
Published
2017-06-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved