Security Vulnerabilities - CVEs Published In July 2018
A SQL injection was discovered in WUZHI CMS 4.1.0 that allows remote attackers to inject a malicious SQL statement via the index.php?m=promote&f=index&v=search keywords parameter.
CVSS Score: 9.8 | EPSS Score: 0.005 | Published: 2018-07-23
SeaCMS 6.61 has two XSS issues in the admin_config.php file via certain form fields.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2018-07-23
An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc.
CVSS Score: 8.8 | EPSS Score: 0.004 | Published: 2018-07-23
An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.
CVSS Score: 8.8 | EPSS Score: 0.004 | Published: 2018-07-23
An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.
CVSS Score: 8.8 | EPSS Score: 0.004 | Published: 2018-07-23
dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs.
CVSS Score: 6.5 | EPSS Score: 0.002 | Published: 2018-07-23
Feedback.asp in Xiao5uCompany 1.7 has XSS because the XSS protection mechanism in Safe.asp is insufficient (for example, it considers SCRIPT and IMG elements, but does not consider VIDEO elements).
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2018-07-23
An issue was discovered in Bento4 1.5.1-624. There is an unspecified "heap-buffer-overflow" crash in the AP4_HvccAtom class in Core/Ap4HvccAtom.cpp.
CVSS Score: 9.8 | EPSS Score: 0.005 | Published: 2018-07-23
An issue was discovered in Bento4 1.5.1-624. There is a heap-based buffer over-read in AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp after a call from Mp42Hls.cpp, a related issue to CVE-2018-13846.
CVSS Score: 9.8 | EPSS Score: 0.005 | Published: 2018-07-23
There exists one NULL pointer dereference vulnerability in AP4_JsonInspector::AddField in Ap4Atom.cpp in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp4dump.
CVSS Score: 5.5 | EPSS Score: 0.002 | Published: 2018-07-23

