Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2019
CVE-2019-12256
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.
CVSS Score
9.8
EPSS Score
0.177
Published
2019-08-09
CVE-2019-12257
Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.
CVSS Score
8.8
EPSS Score
0.154
Published
2019-08-09
CVE-2019-5397
A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
CVSS Score
9.4
EPSS Score
0.013
Published
2019-08-09
CVE-2019-5398
A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
CVSS Score
5.4
EPSS Score
0.003
Published
2019-08-09
CVE-2019-5399
A remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
CVSS Score
9.4
EPSS Score
0.006
Published
2019-08-09
CVE-2019-12805
NCSOFT Game Launcher, NC Launcher2 2.4.1.691 and earlier versions have a vulnerability in the custom protocol handler that could allow remote attacker to execute arbitrary command. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. This can be leveraged for code execution in the context of the current user.
CVSS Score
8.8
EPSS Score
0.024
Published
2019-08-09
CVE-2019-5395
A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-08-09
CVE-2019-5396
A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
CVSS Score
9.4
EPSS Score
0.013
Published
2019-08-09
CVE-2017-18486
Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash parameter. By inspecting the token value provided in a password reset link, a user can leverage a weak PRNG to recover the shared secret used by the server for remote authentication. The shared secret can be used to escalate privileges by forging new tokens for any user. These tokens can be used to automatically log in as the affected user.
CVSS Score
7.2
EPSS Score
0.017
Published
2019-08-09
CVE-2018-20858
Recommender before 2018-07-18 allows XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved