Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2020
CVE-2020-0228
There is an improper configuration of recorder related service. Product: AndroidVersions: Android SoCAndroid ID: A-156333723
CVSS Score
7.5
EPSS Score
0.001
Published
2020-07-17
CVE-2020-0230
There is a possible out of bounds write due to an incorrect bounds check. Product: AndroidVersions: Android SoCAndroid ID: A-156337262
CVSS Score
9.8
EPSS Score
0.001
Published
2020-07-17
CVE-2020-0231
There is a possible out of bounds write due to an incorrect bounds check. Product: AndroidVersions: Android SoCAndroid ID: A-156333727
CVSS Score
9.8
EPSS Score
0.001
Published
2020-07-17
CVE-2020-15108
In glpi before 9.5.1, there is a SQL injection for all usages of "Clone" feature. This has been fixed in 9.5.1.
CVSS Score
7.1
EPSS Score
0.003
Published
2020-07-17
CVE-2020-15110
In jupyterhub-kubespawner before 0.12, certain usernames will be able to craft particular server names which will grant them access to the default server of other users who have matching usernames. This has been fixed in 0.12.
CVSS Score
6.8
EPSS Score
0.002
Published
2020-07-17
CVE-2019-4091
"HCL Marketing Platform is vulnerable to cross-site scripting during addition of new users and also while searching for users in Dashboard, potentially giving an attacker ability to inject malicious code into the system. "
CVSS Score
5.4
EPSS Score
0.003
Published
2020-07-17
CVE-2020-0120
In notifyErrorForPendingRequests of QCamera3HWI.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-149995442
CVSS Score
7.8
EPSS Score
0.0
Published
2020-07-17
CVE-2020-0305
In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-153467744
CVSS Score
6.4
EPSS Score
0.0
Published
2020-07-17
CVE-2020-15816
In Western Digital WD Discovery before 4.0.251.0, a malicious application running with standard user permissions could potentially execute code in the application's process through library injection by using DYLD environment variables.
CVSS Score
8.8
EPSS Score
0.009
Published
2020-07-17
CVE-2019-4090
"HCL Campaign is vulnerable to cross-site scripting when a user provides XSS scripts in Campaign Description field."
CVSS Score
5.4
EPSS Score
0.003
Published
2020-07-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved