Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2019
CVE-2019-17418
An issue was discovered in MetInfo 7.0. There is SQL injection via the admin/?n=language&c=language_general&a=doSearchParameter appno parameter, a different issue than CVE-2019-16997.
CVSS Score
7.2
EPSS Score
0.928
Published
2019-10-10
CVE-2019-17419
An issue was discovered in MetInfo 7.0. There is SQL injection via the admin/?n=user&c=admin_user&a=doGetUserInfo id parameter.
CVSS Score
7.2
EPSS Score
0.003
Published
2019-10-10
CVE-2019-17420
In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-10-10
CVE-2019-5700
NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software contains a vulnerability in the bootloader, where it does not validate the fields of the boot image, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.
CVSS Score
7.8
EPSS Score
0.0
Published
2019-10-09
CVE-2019-17109
Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation.
CVSS Score
6.5
EPSS Score
0.006
Published
2019-10-09
CVE-2019-17365
Nix through 2.3 allows local users to gain access to an arbitrary user's account because the parent directory of the user-profile directories is world writable.
CVSS Score
7.8
EPSS Score
0.0
Published
2019-10-09
CVE-2019-17366
Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-10-09
CVE-2019-17414
tinylcy Vino through 2017-12-15 allows remote attackers to cause a denial of service ("vn_get_string error: Resource temporarily unavailable" error and daemon crash) via a long URL.
CVSS Score
7.5
EPSS Score
0.009
Published
2019-10-09
CVE-2019-17415
A Structured Exception Handler (SEH) based buffer overflow in File Sharing Wizard 1.5.0 26-8-2008 allows remote unauthenticated attackers to execute arbitrary code via the HTTP DELETE method, a similar issue to CVE-2019-16724 and CVE-2010-2331.
CVSS Score
9.8
EPSS Score
0.051
Published
2019-10-09
CVE-2019-5699
NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra bootloader contains a vulnerability where the software performs an incorrect bounds check, which may lead to buffer overflow resulting in escalation of privileges and code execution. escalation of privileges, and information disclosure, code execution, denial of service, or escalation of privileges.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-10-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved