Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2017
CVE-2016-8229
A cross-site request forgery vulnerability in Lenovo Service Bridge before version 4 could be exploited by an attacker with access to the DHCP server used by the system where LSB is installed.
CVSS Score
8.8
EPSS Score
0.002
Published
2017-06-04
CVE-2016-8230
In Lenovo Service Bridge before version 4, an insecure HTTP connection is used by LSB to send system serial number, machine type and model and product name to Lenovo's servers.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-06-04
CVE-2016-8231
In Lenovo Service Bridge before version 4, a bug found in the signature verification logic of the code signing certificate could be exploited by an attacker to insert a forged code signing certificate.
CVSS Score
7.5
EPSS Score
0.001
Published
2017-06-04
CVE-2017-3740
In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality.
CVSS Score
5.5
EPSS Score
0.0
Published
2017-06-04
CVE-2017-3741
In the Lenovo Power Management driver before 1.67.12.24, a local user may alter the trackpoint's firmware and stop the trackpoint from functioning correctly. This issue only affects ThinkPad X1 Carbon 5th generation.
CVSS Score
3.3
EPSS Score
0.001
Published
2017-06-04
CVE-2017-9416
Directory traversal vulnerability in tools.file_open in Odoo 8.0, 9.0, and 10.0 allows remote authenticated users to read arbitrary local files readable by the Odoo service.
CVSS Score
6.5
EPSS Score
0.504
Published
2017-06-04
CVE-2017-9417
Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue.
CVSS Score
9.8
EPSS Score
0.427
Published
2017-06-04
CVE-2017-9403
In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array in tif_dirread.c, which allows attackers to cause a denial of service via a crafted file.
CVSS Score
6.5
EPSS Score
0.01
Published
2017-06-02
CVE-2017-9404
In LibTIFF 4.0.7, a memory leak vulnerability was found in the function OJPEGReadHeaderInfoSecTablesQTable in tif_ojpeg.c, which allows attackers to cause a denial of service via a crafted file.
CVSS Score
6.5
EPSS Score
0.01
Published
2017-06-02
CVE-2017-9405
In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-06-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved