Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2019
CVE-2019-12987
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6).
CVSS Score
9.8
EPSS Score
0.928
Published
2019-07-16
CVE-2019-12988
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6).
CVSS Score
9.8
EPSS Score
0.928
Published
2019-07-16
CVE-2019-12989
Known exploited
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection.
CVSS Score
9.8
EPSS Score
0.911
Published
2019-07-16
CVE-2018-13442
SolarWinds Network Performance Monitor 12.3 allows SQL Injection via the /api/ActiveAlertsOnThisEntity/GetActiveAlerts TriggeringObjectEntityNames parameter.
CVSS Score
8.8
EPSS Score
0.007
Published
2019-07-16
CVE-2019-13360
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote attackers can bypass authentication in the login process by leveraging knowledge of a valid username.
CVSS Score
9.8
EPSS Score
0.273
Published
2019-07-16
CVE-2019-13383
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows attackers to check whether a username is valid by reading the HTTP response.
CVSS Score
5.3
EPSS Score
0.207
Published
2019-07-16
CVE-2019-13603
An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that. This, in combination with retrieving an encrypted fingerprint image and encryption key (through another vulnerability), allows an attacker to obtain a user's fingerprint image.
CVSS Score
5.9
EPSS Score
0.003
Published
2019-07-16
CVE-2019-13605
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can bypass authentication in the login process by leveraging the knowledge of a valid username. The attacker must defeat an encoding that is not equivalent to base64, and thus this is different from CVE-2019-13360.
CVSS Score
8.8
EPSS Score
0.046
Published
2019-07-16
CVE-2019-13615
libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.
CVSS Score
5.5
EPSS Score
0.003
Published
2019-07-16
CVE-2019-13616
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
CVSS Score
8.1
EPSS Score
0.064
Published
2019-07-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved