Security Vulnerabilities - CVEs Published In July 2017
Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-07-17
GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.php request with an entity_restrict parameter that is not a list of integers.
CVSS Score
9.8
EPSS Score
0.003
Published
2017-07-17
There is a heap-based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes an out-of-bounds write of more than one hundred bytes (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack.
CVSS Score
8.8
EPSS Score
0.012
Published
2017-07-17
There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.
CVSS Score
6.5
EPSS Score
0.011
Published
2017-07-17
There is an invalid free in the Action::TaskFactory::cleanup function of actions.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-07-17
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-07-17
There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.
CVSS Score
6.5
EPSS Score
0.003
Published
2017-07-17
There is a segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. A crafted input will lead to a remote denial of service attack.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-07-17
There is a heap-based buffer over-read in lexer.hpp of LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.
CVSS Score
7.5
EPSS Score
0.004
Published
2017-07-17
There is an illegal address access in ast.cpp of LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.
CVSS Score
7.5
EPSS Score
0.004
Published
2017-07-17

