Security Vulnerabilities - CVEs Published In October 2017
ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.
CVSS Score: 6.5 | EPSS Score: 0.005 | Published: 2017-10-10
ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.
CVSS Score: 6.5 | EPSS Score: 0.005 | Published: 2017-10-10
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a meta image, an integer overflow can occur, if user-defined image offset and size values are too large.
CVSS Score: 7.8 | EPSS Score: 0.0 | Published: 2017-10-10
A denial of service (DoS) attack in Symantec Endpoint Encryption before SEE 11.1.3HF2 allows remote attackers to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.
CVSS Score: 4.2 | EPSS Score: 0.005 | Published: 2017-10-10
A denial of service (DoS) attack in Symantec Encryption Desktop before SED 10.4.1 MP2HF1 allows remote attackers to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.
CVSS Score: 4.2 | EPSS Score: 0.003 | Published: 2017-10-10
An authorized user could upload a template which contained malicious code and access sensitive files via an XML External Entity (XXE) attack. The fix to properly handle XML External Entities was applied in the Apache NiFi 1.4.0 release. Users running a prior 1.x release should upgrade to the appropriate release.
CVSS Score: 6.5 | EPSS Score: 0.005 | Published: 2017-10-10
MISP before 2.4.81 has a potential reflected XSS in a quickDelete action that is used to delete a sighting, related to app/View/Sightings/ajax/quickDeleteConfirmationForm.ctp and app/webroot/js/misp.js.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2017-10-10
UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands.
CVSS Score: 9.8 | EPSS Score: 0.048 | Published: 2017-10-10
Rakuten card App for iOS 5.2.0 through 5.2.4 does not verify SSL certificates which might allow remote attackers to execute man-in-the-middle attacks.
CVSS Score: 7.4 | EPSS Score: 0.007 | Published: 2017-10-10
niconico App for iOS before 6.38 does not verify SSL certificates which could allow remote attackers to execute man-in-the-middle attacks.
CVSS Score: 7.4 | EPSS Score: 0.006 | Published: 2017-10-10

