Security Vulnerabilities - CVEs Published In September 2018
In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack.
CVSS Score: 6.5
EPSS Score: 0.021
Published: 2018-09-06

In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
CVSS Score: 5.5
EPSS Score: 0.005
Published: 2018-09-06

In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.
CVSS Score: 5.5
EPSS Score: 0.002
Published: 2018-09-06

A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4.0 HRMS Software. User-supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the flexiportal/GeneralInfo.aspx strAction parameter.
CVSS Score: 6.1
EPSS Score: 0.048
Published: 2018-09-06

download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4 and Pulse Policy Secure through 5.2RX before 5.2R10 and 5.4RX before 5.4R4 has an Open Redirect Vulnerability.
CVSS Score: 6.1
EPSS Score: 0.001
Published: 2018-09-06

The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Privilege Escalation Vulnerability.
CVSS Score: 5.3
EPSS Score: 0.002
Published: 2018-09-06

The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability.
CVSS Score: 5.5
EPSS Score: 0.001
Published: 2018-09-06

The Pulse Secure Desktop (macOS) has a Privilege Escalation Vulnerability.
CVSS Score: 7.8
EPSS Score: 0.001
Published: 2018-09-06

The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file.
CVSS Score: 6.5
EPSS Score: 0.005
Published: 2018-09-06

There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.
CVSS Score: 6.5
EPSS Score: 0.003
Published: 2018-09-06

