Security Vulnerabilities - CVEs Published In October 2018
In the client in Bytom before 1.0.6, checkTopicRegister in p2p/discover/net.go does not prevent negative idx values, leading to a crash.
CVSS Score: 7.5 | EPSS Score: 0.005 | Published: 2018-10-10
The QLogic 4Gb Fibre Channel 5.5.2.6.0 and 4/8Gb SAN 7.10.1.20.0 modules for IBM BladeCenter have an undocumented support account with a support password, an undocumented diags account with a diags password, and an undocumented prom account with a prom password.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2018-10-10
qibosoft V7.0 allows CSRF via admin/index.php?lfj=member&action=addmember to add a user account.
CVSS Score: 8.8 | EPSS Score: 0.001 | Published: 2018-10-09
Code injection in the /ui/login form Language parameter in Epicentro E_7.3.2+ allows attackers to execute JavaScript code by making a user issue a manipulated POST request.
CVSS Score: 9.8 | EPSS Score: 0.005 | Published: 2018-10-09
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.
CVSS Score: 9.8 | EPSS Score: 0.024 | Published: 2018-10-09
The $opener_input_field variable in addons/mediapool/pages/index.php in REDAXO 5.6.3 is not effectively filtered and is output directly to the page. The attacker can insert XSS payloads via an index.php?page=mediapool/media&opener_input_field=[XSS] request.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2018-10-09
Mediamanager in REDAXO before 5.6.4 has XSS.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2018-10-09
There is a SQL injection in Benutzerverwaltung in REDAXO before 5.6.4.
CVSS Score: 9.8 | EPSS Score: 0.003 | Published: 2018-10-09
Buffer Overflow in httpd in EpiCentro E_7.3.2+ allows attackers to execute code remotely via a specially crafted GET request without a leading "/" and without authentication.
CVSS Score: 9.8 | EPSS Score: 0.01 | Published: 2018-10-09
Buffer Overflow in httpd in EpiCentro E_7.3.2+ allows attackers to cause a denial of service attack remotely via a specially crafted GET request with a leading "/" in the URL.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2018-10-09

