Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2018
CVE-2018-1149
cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests.
CVSS Score
9.8
EPSS Score
0.167
Published
2018-09-19
CVE-2018-1150
NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists.
CVSS Score
7.3
EPSS Score
0.005
Published
2018-09-19
CVE-2017-1794
IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. IBM X-Force ID: 137039.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-09-19
CVE-2018-3573
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while relocating kernel images with a specially crafted boot image, an out of bounds access can occur.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-09-19
CVE-2018-3574
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, userspace can request ION cache maintenance on a secure ION buffer for which the ION_FLAG_SECURE ion flag is not set and cause the kernel to attempt to perform cache maintenance on memory which does not belong to HLOS.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-09-19
CVE-2018-5905
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a race condition while accessing num of clients in DIAG services can lead to out of boundary access.
CVSS Score
7.0
EPSS Score
0.0
Published
2018-09-19
CVE-2018-8017
In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an infinite loop in the IptcAnpaParser.
CVSS Score
5.5
EPSS Score
0.036
Published
2018-09-19
CVE-2018-11893
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing vendor scan request, when input argument - length of request IEs is greater than maximum can lead to a buffer overflow.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-09-19
CVE-2018-11894
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing preferred network offload scan results integer overflow may lead to buffer overflow when large frame length is received from FW.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-09-19
CVE-2018-11895
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper length check Validation in WLAN function can lead to driver writes the default rsn capabilities to the memory not allocated to the frame.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-09-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved