Security Vulnerabilities - CVEs Published In August 2019
An issue was discovered in the libp2p-core crate before 0.8.1 for Rust. Attackers can spoof ed25519 signatures.
CVSS Score: 7.5 | EPSS Score: 0.001 | Published: 2019-08-26
An issue was discovered in the pancurses crate through 0.16.1 for Rust. printw and mvprintw have format string vulnerabilities.
CVSS Score: 7.5 | EPSS Score: 0.002 | Published: 2019-08-26
An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are format string issues in printw functions because C format arguments are mishandled.
CVSS Score: 7.5 | EPSS Score: 0.002 | Published: 2019-08-26
An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are instr and mvwinstr buffer overflows because interaction with C functions is mishandled.
CVSS Score: 9.8 | EPSS Score: 0.006 | Published: 2019-08-26
xmlrpc.cgi in Webmin through 1.930 allows authenticated XXE attacks. By default, only root, admin, and sysadm can access xmlrpc.cgi.
CVSS Score: 6.5 | EPSS Score: 0.009 | Published: 2019-08-26
rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execution via a crafted object name because unserialise_variable makes an eval call. NOTE: the Webmin_Servers_Index documentation states "RPC can be used to run any command or modify any file on a server, which is why access to it must not be granted to un-trusted Webmin users."
CVSS Score: 8.8 | EPSS Score: 0.92 | Published: 2019-08-26
An issue was discovered in the security-framework crate before 0.1.12 for Rust. Hostname verification for certificates does not occur if ClientBuilder uses custom root certificates.
CVSS Score: 5.3 | EPSS Score: 0.001 | Published: 2019-08-26
An issue was discovered in the cookie crate before 0.7.6 for Rust. Large integers in the Max-Age of a cookie cause a panic.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2019-08-26
An issue was discovered in the untrusted crate before 0.6.2 for Rust. Error handling can trigger an integer underflow and panic.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2019-08-26
An issue was discovered in the slice-deque crate before 0.1.16 for Rust. move_head_unchecked allows memory corruption because deque updates are mishandled.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2019-08-26


Shodan ® - All rights reserved