Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2018
CVE-2018-16779
BlogCMS through 2016-10-25 has XSS via a comment.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-09-10
CVE-2018-16780
Complete Responsive CMS Blog through 2018-05-20 has XSS via a comment.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-09-10
CVE-2018-16781
ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE signal) via a progressive JPEG file that lacks an AC Huffman table.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-09-10
CVE-2018-16782
libimageworsener.a in ImageWorsener 1.3.2 has a buffer overflow in the bmpr_read_rle_internal function in imagew-bmp.c.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-09-10
CVE-2018-16768
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in IR::FunctionValidationContext::end.
CVSS Score
8.8
EPSS Score
0.003
Published
2018-09-10
CVE-2018-16769
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because libRuntime.so!llvm::InstructionCombiningPass::runOnFunction is mishandled.
CVSS Score
8.8
EPSS Score
0.003
Published
2018-09-10
CVE-2018-16770
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because a certain new_allocator allocate call fails.
CVSS Score
8.8
EPSS Score
0.003
Published
2018-09-10
CVE-2018-16771
Hoosk v1.7.0 allows PHP code execution via a SiteUrl that is provided during installation and mishandled in config.php.
CVSS Score
9.8
EPSS Score
0.012
Published
2018-09-10
CVE-2018-16772
Hoosk v1.7.0 allows XSS via the Navigation Title of a new page entered at admin/pages/new.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-09-10
CVE-2018-16773
EasyCMS 1.5 allows XSS via the index.php?s=/admin/fields/update/navTabId/listfields/callbackType/closeCurrent content field.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-09-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved