Security Vulnerabilities - CVEs Published In August 2020
Softing Industrial Automation, all versions prior to the latest build of version 4.47.0: the affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.
CVSS Score: 9.8 | EPSS Score: 0.011 | Published: 2020-08-25
GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug report was intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison.
CVSS Score: 5.5 | EPSS Score: 0.004 | Published: 2020-08-25
In Netwide Assembler (NASM) 2.15rc10, there is a heap use-after-free in saa_wbytes in nasmlib/saa.c.
CVSS Score: 5.5 | EPSS Score: 0.001 | Published: 2020-08-25
In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_text in asm/preproc.c by accessing READ memory.
CVSS Score: 5.5 | EPSS Score: 0.001 | Published: 2020-08-25
Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. An attacker must have check-in privileges on the repository.
CVSS Score: 8.8 | EPSS Score: 0.066 | Published: 2020-08-25
Secomea GateManager, all versions prior to 9.2c: an attacker can send a negative value and overwrite arbitrary data.
CVSS Score: 10.0 | EPSS Score: 0.003 | Published: 2020-08-25
GateManager versions prior to 9.2c: the affected product is vulnerable to an off-by-one error, which may allow an attacker to remotely execute arbitrary code or cause a denial-of-service condition.
CVSS Score: 8.1 | EPSS Score: 0.007 | Published: 2020-08-25
GateManager versions prior to 9.2c: the affected product contains a hard-coded credential for telnet, allowing an unprivileged attacker to execute commands as root.
CVSS Score: 9.8 | EPSS Score: 0.005 | Published: 2020-08-25
GateManager versions prior to 9.2c: the affected product uses a weak hash type, which may allow an attacker to view user passwords.
CVSS Score: 8.1 | EPSS Score: 0.001 | Published: 2020-08-25
Cellopoint CelloOS v4.1.10 Build 20190922 does not properly validate URL input. With the system administrator's cookie, attackers can inject and remotely execute arbitrary commands to manipulate the system.
CVSS Score: 7.2 | EPSS Score: 0.005 | Published: 2020-08-25

