Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2017
CVE-2017-12946
classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in a delete action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators.
CVSS Score
7.2
EPSS Score
0.005
Published
2017-08-18
CVE-2017-12947
classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in an untrash action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators.
CVSS Score
7.2
EPSS Score
0.005
Published
2017-08-18
CVE-2017-12948
Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier for WordPress has XSS in the PATH_INFO to wp-admin/admin.php, related to PHP_SELF.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-08-18
CVE-2017-12949
lib\modules\contributors\contributor_list_table.php in the Podlove Podcast Publisher plugin 2.5.3 and earlier for WordPress has SQL injection in the orderby parameter to wp-admin/admin.php, exploitable through CSRF.
CVSS Score
8.8
EPSS Score
0.007
Published
2017-08-18
CVE-2017-8253
In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-08-18
CVE-2017-8254
In all Qualcomm products with Android releases from CAF using the Linux kernel, an audio client pointer is dereferenced before being checked if it is valid.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-08-18
CVE-2017-8255
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-08-18
CVE-2017-8256
In all Qualcomm products with Android releases from CAF using the Linux kernel, array out of bounds access can occur if userspace sends more than 16 multicast addresses.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-08-18
CVE-2017-8257
In all Qualcomm products with Android releases from CAF using the Linux kernel, when accessing the sde_rotator debug interface for register reading with multiple processes, one process can free the debug buffer while another process still has the debug buffer in use.
CVSS Score
7.8
EPSS Score
0.0
Published
2017-08-18
CVE-2017-8260
In all Qualcomm products with Android releases from CAF using the Linux kernel, due to a type downcast, a value may improperly pass validation and cause an out of bounds write later.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-08-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved