Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2017
CVE-2017-1000071
Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server.
CVSS Score
8.1
EPSS Score
0.002
Published
2017-07-17
CVE-2017-1000072
Creolabs Gravity version 1.0 is vulnerable to a Double Free in gravity_value resulting potentially leading to modification of unexpected memory locations
CVSS Score
9.8
EPSS Score
0.008
Published
2017-07-17
CVE-2017-1000073
Creolabs Gravity version 1.0 is vulnerable to a heap overflow in an undisclosed component that can result in arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.033
Published
2017-07-17
CVE-2017-1000074
Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the string_repeat() function.
CVSS Score
9.8
EPSS Score
0.008
Published
2017-07-17
CVE-2017-1000075
Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the memcmp function
CVSS Score
9.8
EPSS Score
0.008
Published
2017-07-17
CVE-2017-1000078
Linux foundation ONOS 1.9 is vulnerable to XSS in the device. registration
CVSS Score
6.1
EPSS Score
0.003
Published
2017-07-17
CVE-2017-1000079
Linux foundation ONOS 1.9.0 is vulnerable to a DoS.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-07-17
CVE-2017-1000080
Linux foundation ONOS 1.9.0 allows unauthenticated use of websockets.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-07-17
CVE-2017-1000081
Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote code execution.
CVSS Score
9.8
EPSS Score
0.088
Published
2017-07-17
CVE-2017-1000362
The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINS_HOME with a new key. It also created a backup directory with all old secrets, and the key used to encrypt them. These backups were world-readable and not removed afterwards. Jenkins now deletes the backup directory, if present. Upgrading from before 1.498 will no longer create a backup directory. Administrators relying on file access permissions in their manually created backups are advised to check them for the directory $JENKINS_HOME/jenkins.security.RekeySecretAdminMonitor/backups, and delete it if present.
CVSS Score
9.8
EPSS Score
0.012
Published
2017-07-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved