Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2018
CVE-2018-12461
Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation.
CVSS Score
3.5
EPSS Score
0.001
Published
2018-07-10
CVE-2018-13843
An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer's position is that the "failure to free memory" can be fixed in applications that use the HTSlib library (such as test/test_bgzf.c in the original report) and is not a library issue
CVSS Score
7.5
EPSS Score
0.004
Published
2018-07-10
CVE-2018-13844
An issue has been found in HTSlib 1.8. It is a memory leak in fai_read in faidx.c. NOTE: This has been disputed with the assertion that this vulnerability exists in the test harness and HTSlib users would be aware of the need to destruct this object returned by fai_load() in their own code
CVSS Score
7.5
EPSS Score
0.004
Published
2018-07-10
CVE-2018-13845
An issue has been found in HTSlib 1.8. It is a buffer over-read in sam_parse1 in sam.c.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-07-10
CVE-2018-13846
An issue has been found in Bento4 1.5.1-624. AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp has a heap-based buffer over-read after a call from Mp42Ts.cpp, a related issue to CVE-2018-14532.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-07-10
CVE-2018-13847
An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StcoAtom::AdjustChunkOffsets in Core/Ap4StcoAtom.cpp.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-07-10
CVE-2018-13848
An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StszAtom::GetSampleSize in Core/Ap4StszAtom.cpp.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-07-10
CVE-2018-13849
edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on preg_replace.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-07-10
CVE-2018-13850
The "Firebase Cloud Messaging (FCM) + Advance Admin Panel" component supporting Firebase Push Notification on iOS (through 2017-10-26) allows SQL injection via the /advance_push/public/login username parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-07-10
CVE-2018-2427
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.
CVSS Score
8.8
EPSS Score
0.007
Published
2018-07-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved