Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2019
CVE-2019-11775
All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that field in the modified copy of the loop allowing the test to see one value of the field and subsequently the loop to see a modified field value without retesting the condition moved out of the loop. This can lead to a variety of different issues but read out of array bounds is one major consequence of these problems.
CVSS Score
7.4
EPSS Score
0.015
Published
2019-07-30
CVE-2019-14386
cPanel before 82.0.2 has stored XSS in the WHM Tomcat Manager interface (SEC-504).
CVSS Score
5.4
EPSS Score
0.003
Published
2019-07-30
CVE-2019-14387
cPanel before 82.0.2 has Self XSS in the cPanel and webmail master templates (SEC-506).
CVSS Score
6.1
EPSS Score
0.003
Published
2019-07-30
CVE-2019-14388
cPanel before 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507).
CVSS Score
7.5
EPSS Score
0.002
Published
2019-07-30
CVE-2019-14389
cPanel before 82.0.2 allows local users to discover the MySQL root password (SEC-510).
CVSS Score
7.8
EPSS Score
0.0
Published
2019-07-30
CVE-2019-14390
cPanel before 82.0.2 has stored XSS in the WHM Modify Account interface (SEC-512).
CVSS Score
5.4
EPSS Score
0.003
Published
2019-07-30
CVE-2019-14391
cPanel before 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514).
CVSS Score
3.3
EPSS Score
0.001
Published
2019-07-30
CVE-2019-14441
An issue was discovered in Libav 12.3. An access violation allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. This is related to ff_mpa_synth_filter_float in avcodec/mpegaudiodsp_template.c. NOTE: This may be a duplicate of CVE-2018-19129
CVSS Score
6.5
EPSS Score
0.003
Published
2019-07-30
CVE-2019-14442
In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek infinite loop and hang, with 100% CPU consumption. Attackers could leverage this vulnerability to cause a denial of service via a crafted file.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-07-30
CVE-2019-14443
An issue was discovered in Libav 12.3. Division by zero in range_decode_culshift in libavcodec/apedec.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.
CVSS Score
6.5
EPSS Score
0.005
Published
2019-07-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved