Security Vulnerabilities - CVEs Published In July 2017
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
CVSS Score: 9.8
EPSS Score: 0.01
Published: 2017-07-23

tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.
CVSS Score: 9.8
EPSS Score: 0.136
Published: 2017-07-23

There is an illegal address access in the extend_alias_table function in localealias.c of Exiv2 0.26. A crafted input will lead to remote denial of service.
CVSS Score: 7.5
EPSS Score: 0.007
Published: 2017-07-23

The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVSS Score: 6.5
EPSS Score: 0.004
Published: 2017-07-22

The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered.
CVSS Score: 6.5
EPSS Score: 0.007
Published: 2017-07-22

A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a remote attacker to log in and execute commands with 'upgrade' account privileges.
CVSS Score: 9.8
EPSS Score: 0.009
Published: 2017-07-22

Blind SQL injection in Inmarsat AmosConnect 8 login form allows remote attackers to access user credentials, including user names and passwords.
CVSS Score: 9.8
EPSS Score: 0.02
Published: 2017-07-22

Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager.
CVSS Score: 9.8
EPSS Score: 0.061
Published: 2017-07-22

The SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx in reSIProcate 1.10.2 allows remote attackers to cause a denial of service (memory consumption) by triggering many media connections.
CVSS Score: 7.5
EPSS Score: 0.016
Published: 2017-07-22

Directory Traversal exists in ATutor before 2.2.2 via the icon parameter to /mods/_core/courses/users/create_course.php. The attacker can read an arbitrary file by visiting get_course_icon.php?id= after the traversal attack.
CVSS Score: 7.5
EPSS Score: 0.005
Published: 2017-07-22

