Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2017
CVE-2015-5675
The sys_amd64 IRET Handler in the kernel in FreeBSD 9.3 and 10.1 allows local users to gain privileges or cause a denial of service (kernel panic).
CVSS Score
7.8
EPSS Score
0.001
Published
2017-10-10
CVE-2015-6521
Multiple cross-site scripting (XSS) vulnerabilities in ATutor LMS version 2.2.
CVSS Score
5.4
EPSS Score
0.002
Published
2017-10-10
CVE-2015-6918
salt before 2015.5.5 leaks git usernames and passwords to the log.
CVSS Score
6.3
EPSS Score
0.003
Published
2017-10-10
CVE-2015-7384
Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.009
Published
2017-10-10
CVE-2015-7503
Zend Framework before 2.4.9, zend-framework/zend-crypt 2.4.x before 2.4.9, and 2.5.x before 2.5.2 allows remote attackers to recover the RSA private key.
CVSS Score
7.5
EPSS Score
0.002
Published
2017-10-10
CVE-2015-7778
Gurunavi App for iOS before 6.0.0 does not verify SSL certificates which could allow remote attackers to perform man-in-the-middle attacks.
CVSS Score
5.9
EPSS Score
0.007
Published
2017-10-10
CVE-2015-8239
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.
CVSS Score
7.0
EPSS Score
0.009
Published
2017-10-10
CVE-2014-9092
libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
CVSS Score
6.5
EPSS Score
0.013
Published
2017-10-10
CVE-2015-2856
Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices before FTA_9_11_210 allows remote attackers to read arbitrary files via a .. (dot dot) in the statecode cookie.
CVSS Score
7.5
EPSS Score
0.712
Published
2017-10-10
CVE-2017-12860
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.In addition to the password, each projector has a hardcoded "backdoor" code (2270), which authenticates to all devices.
CVSS Score
9.8
EPSS Score
0.035
Published
2017-10-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved