Security Vulnerabilities - CVEs Published In July 2018
Singularity 2.3.0 through 2.5.1 is affected by an incorrect access control on systems supporting overlay file system. When using the overlay option, a malicious user may access sensitive information by exploiting a few specific Singularity features.
CVSS Score: 6.5 | EPSS Score: 0.005 | Published: 2018-07-05
Time-of-check to time-of-use (TOCTOU) race condition in org.onosproject.acl (aka the access control application) in ONOS v1.13 and earlier allows attackers to bypass network access control via data plane packet injection.
CVSS Score: 6.8 | EPSS Score: 0.002 | Published: 2018-07-05
The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.
CVSS Score: 9.8 | EPSS Score: 0.078 | Published: 2018-07-05
In Go Doc Dot Org (gddo) through 2018-06-27, an attacker could use specially crafted <go-import> tags in packages being fetched by gddo to cause a directory traversal and remote code execution.
CVSS Score: 9.8 | EPSS Score: 0.027 | Published: 2018-07-05
The _sell function of a smart contract implementation for GROWCHAIN (GROW), an Ethereum token, has an integer overflow.
CVSS Score: 7.5 | EPSS Score: 0.002 | Published: 2018-07-05
The transfer and transferFrom functions of a smart contract implementation for Bittelux (BTX), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party.
CVSS Score: 7.5 | EPSS Score: 0.002 | Published: 2018-07-05
The transfer and transferFrom functions of a smart contract implementation for ChuCunLingAIGO (CCLAG), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party.
CVSS Score: 7.5 | EPSS Score: 0.002 | Published: 2018-07-05
The transfer, transferFrom, and mint functions of a smart contract implementation for PFGc, an Ethereum token, have an integer overflow.
CVSS Score: 7.5 | EPSS Score: 0.002 | Published: 2018-07-05
Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker who obtains a user's smart phone and performs some special operations in the guide function may exploit the vulnerability to bypass the FRP function and use the phone normally.
CVSS Score: 6.8 | EPSS Score: 0.0 | Published: 2018-07-05
Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2018-07-05

