Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2017
CVE-2015-6673
Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32.
CVSS Score
9.8
EPSS Score
0.012
Published
2017-09-20
CVE-2015-7347
Cross-site scripting (XSS) vulnerability in ZCMS JavaServer Pages Content Management System 1.1.
CVSS Score
4.8
EPSS Score
0.002
Published
2017-09-20
CVE-2017-14595
In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state.
CVSS Score
3.7
EPSS Score
0.001
Published
2017-09-20
CVE-2017-14596
In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password.
CVSS Score
9.8
EPSS Score
0.04
Published
2017-09-20
CVE-2017-14609
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as demonstrated by bearerbox.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-09-20
CVE-2017-14610
bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command.
CVSS Score
7.8
EPSS Score
0.0
Published
2017-09-20
CVE-2014-9758
Cross-site scripting (XSS) vulnerability in Magento E-Commerce Platform 1.9.0.1.
CVSS Score
6.1
EPSS Score
0.001
Published
2017-09-20
CVE-2015-0162
IBM Security SiteProtector System 3.0, 3.1, and 3.1.1 allows local users to gain privileges.
CVSS Score
7.0
EPSS Score
0.001
Published
2017-09-20
CVE-2015-1865
fts.c in coreutils 8.4 allows local users to delete arbitrary files.
CVSS Score
4.7
EPSS Score
0.001
Published
2017-09-20
CVE-2015-1866
Cross-site scripting (XSS) vulnerability in Ember.js 1.10.x before 1.10.1 and 1.11.x before 1.11.2.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-09-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved