Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2019
CVE-2019-13014
Little Snitch versions 4.4.0 fixes a vulnerability in a privileged helper tool. However, the operating system may have made a copy of the privileged helper which is not removed or updated immediately. Computers may therefore still be vulnerable after upgrading to 4.4.0. Version 4.4.1 fixes this issue by removing the operating system's copy during the upgrade.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-08-23
CVE-2019-15526
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Type field to SetWanSettings, a related issue to CVE-2019-13482.
CVSS Score
8.8
EPSS Score
0.032
Published
2019-08-23
CVE-2019-15527
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the MaxIdTime field to SetWanSettings.
CVSS Score
8.8
EPSS Score
0.037
Published
2019-08-23
CVE-2019-15528
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Interface field to SetStaticRouteSettings.
CVSS Score
8.8
EPSS Score
0.032
Published
2019-08-23
CVE-2019-15529
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Username field to Login.
CVSS Score
8.8
EPSS Score
0.125
Published
2019-08-23
CVE-2019-15530
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the LoginPassword field to Login.
CVSS Score
8.8
EPSS Score
0.032
Published
2019-08-23
CVE-2019-15525
There is Missing SSL Certificate Validation in the pw3270 terminal emulator before version 5.1.
CVSS Score
8.1
EPSS Score
0.003
Published
2019-08-23
CVE-2019-15516
Cuberite before 2019-06-11 allows webadmin directory traversal via ....// because the protection mechanism simply removes one ../ substring.
CVSS Score
7.5
EPSS Score
0.005
Published
2019-08-23
CVE-2019-15517
jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory traversal.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-08-23
CVE-2019-15518
Swoole before 4.2.13 allows directory traversal in swPort_http_static_handler.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-08-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved