Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2017
CVE-2015-7853
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.
CVSS Score
9.8
EPSS Score
0.21
Published
2017-08-07
CVE-2015-7854
Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.
CVSS Score
8.8
EPSS Score
0.042
Published
2017-08-07
CVE-2015-7855
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
CVSS Score
6.5
EPSS Score
0.635
Published
2017-08-07
CVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
CVSS Score
9.8
EPSS Score
0.767
Published
2017-08-07
CVE-2017-12653
360 Total Security 9.0.0.1202 before 2017-07-07 allows Privilege Escalation via a Trojan horse Shcore.dll file in any directory in the PATH, as demonstrated by the C:\Python27 directory.
CVSS Score
7.8
EPSS Score
0.022
Published
2017-08-07
CVE-2017-12654
The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service (memory leak) via a crafted file.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-08-07
CVE-2009-5145
Cross-site scripting (XSS) vulnerability in ZMI pages that use the manage_tabs_message in Zope 2.11.4, 2.11.2, 2.10.9, 2.10.7, 2.10.6, 2.10.5, 2.10.4, 2.10.2, 2.10.1, 2.12.
CVSS Score
6.1
EPSS Score
0.005
Published
2017-08-07
CVE-2011-5325
Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.
CVSS Score
7.5
EPSS Score
0.041
Published
2017-08-07
CVE-2014-9260
The basic_settings function in the download manager plugin for WordPress before 2.7.3 allows remote authenticated users to update every WordPress option.
CVSS Score
8.8
EPSS Score
0.038
Published
2017-08-07
CVE-2014-9262
The Duplicator plugin in Wordpress before 0.5.10 allows remote authenticated users to create and download backup files.
CVSS Score
8.2
EPSS Score
0.074
Published
2017-08-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved