Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2018
CVE-2018-14051
The function wav_read in libwav.c in libwav through 2017-04-20 has an infinite loop.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-07-13
CVE-2018-14052
An issue has been found in libwav through 2017-04-20. It is a SEGV in the function apply_gain in wav_gain/wav_gain.c.
CVSS Score
6.5
EPSS Score
0.003
Published
2018-07-13
CVE-2018-9067
The Lenovo Help Android app versions earlier than 6.1.2.0327 had insufficient access control for some functions which, if exploited, could have led to exposure of approximately 400 email addresses and 8,500 IMEI.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-07-13
CVE-2018-9070
For the Lenovo Smart Assistant Android app versions earlier than 12.1.82, an attacker with physical access to the smart speaker can, by pressing a specific button sequence, enter factory test mode and enable a web service intended for testing the device. As with most test modes, this provides extra privileges, including changing settings and running code. Lenovo Smart Assistant is an Amazon Alexa-enabled smart speaker developed by Lenovo.
CVSS Score
6.4
EPSS Score
0.0
Published
2018-07-13
CVE-2018-14044
The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.
CVSS Score
7.5
EPSS Score
0.007
Published
2018-07-13
CVE-2018-14045
The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.
CVSS Score
7.5
EPSS Score
0.002
Published
2018-07-13
CVE-2018-14046
Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-07-13
CVE-2018-14040
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CVSS Score
6.1
EPSS Score
0.008
Published
2018-07-13
CVE-2018-14041
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.
CVSS Score
6.1
EPSS Score
0.058
Published
2018-07-13
CVE-2018-14042
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CVSS Score
6.1
EPSS Score
0.009
Published
2018-07-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved