Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2017
CVE-2015-5666
ANA App for Android 3.1.1 and earlier, and ANA App for iOS 3.3.6 and earlier does not verify SSL certificates.
CVSS Score
5.9
EPSS Score
0.006
Published
2017-09-25
CVE-2015-5704
scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-09-25
CVE-2015-6592
Huawei UAP2105 before V300R012C00SPC160(BootRom) does not require authentication to the serial port or the VxWorks shell.
CVSS Score
6.8
EPSS Score
0.001
Published
2017-09-25
CVE-2015-7293
Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x.
CVSS Score
8.8
EPSS Score
0.003
Published
2017-09-25
CVE-2015-7510
Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd.
CVSS Score
9.8
EPSS Score
0.005
Published
2017-09-25
CVE-2015-7544
redhat-support-plugin-rhev in Red Hat Enterprise Virtualization Manager (aka RHEV Manager) before 3.6 allows remote authenticated users with the SuperUser role on any Entity to execute arbitrary commands on any host in the RHEV environment.
CVSS Score
9.1
EPSS Score
0.009
Published
2017-09-25
CVE-2015-7785
GANMA! App for iOS does not verify SSL certificates.
CVSS Score
5.9
EPSS Score
0.003
Published
2017-09-25
CVE-2015-7846
Huawei S7700, S9700, S9300 before V200R07C00SPC500, and AR200, AR1200, AR2200, AR3200 before V200R005C20SPC200 allows attackers with physical access to the CF card to obtain sensitive information.
CVSS Score
4.6
EPSS Score
0.0
Published
2017-09-25
CVE-2015-8251
OpenStage 60 and OpenScape Desk Phone IP 55G SIP V3, OpenStage 15, 20E, 20 and 40 and OpenScape Desk Phone IP 35G SIP V3, OpenScape Desk Phone IP 35G Eco SIP V3, OpenStage 60 and OpenScape Desk Phone IP 55G HFA V3, OpenStage 15, 20E, 20, and 40 and OpenScape Desk Phone IP 35G HFA V3, and OpenScape Desk Phone IP 35G Eco HFA V3 use non-unique X.509 certificates and SSH host keys.
CVSS Score
5.9
EPSS Score
0.002
Published
2017-09-25
CVE-2015-8375
Cross-site scripting (XSS) vulnerability in PHP-Fusion 9.
CVSS Score
5.4
EPSS Score
0.002
Published
2017-09-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved