Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2020
CVE-2019-8251
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to information disclosure.
CVSS Score
5.5
EPSS Score
0.018
Published
2020-07-06
CVE-2019-8066
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .
CVSS Score
7.8
EPSS Score
0.289
Published
2020-07-06
CVE-2020-15570
The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file.
CVSS Score
5.5
EPSS Score
0.003
Published
2020-07-06
CVE-2020-15569
PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor.
CVSS Score
5.5
EPSS Score
0.002
Published
2020-07-06
CVE-2020-7690
All affected versions <2.0.0 of package jspdf are vulnerable to Cross-site Scripting (XSS). It is possible to inject JavaScript code via the html method.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-07-06
CVE-2020-7691
In all versions of the package jspdf, it is possible to use <<script>script> in order to go over the filtering regex.
CVSS Score
6.3
EPSS Score
0.002
Published
2020-07-06
CVE-2020-15562
An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.
CVSS Score
6.1
EPSS Score
0.009
Published
2020-07-06
CVE-2020-15541
SolarWinds Serv-U FTP server before 15.2.1 allows remote command execution.
CVSS Score
9.8
EPSS Score
0.212
Published
2020-07-05
CVE-2020-15542
SolarWinds Serv-U FTP server before 15.2.1 mishandles the CHMOD command.
CVSS Score
9.8
EPSS Score
0.044
Published
2020-07-05
CVE-2020-15543
SolarWinds Serv-U FTP server before 15.2.1 does not validate an argument path.
CVSS Score
9.8
EPSS Score
0.044
Published
2020-07-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved