Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2018
CVE-2017-2751
A BIOS password extraction vulnerability has been reported on certain consumer notebooks with firmware F.22 and others. The BIOS password was stored in CMOS in a way that allowed it to be extracted. This applies to consumer notebooks launched in early 2014.
CVSS Score
4.6
EPSS Score
0.044
Published
2018-10-03
CVE-2018-17408
Stack-based buffer overflows in Zahir Accounting Enterprise Plus 6 through build 10b allow remote attackers to execute arbitrary code via a crafted CSV file that is accessed through the Import CSV File menu.
CVSS Score
7.8
EPSS Score
0.62
Published
2018-10-03
CVE-2018-17969
Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote attackers to discover cleartext credentials via iso.3.6.1.4.1.236.11.5.11.81.10.1.5.0 and iso.3.6.1.4.1.236.11.5.11.81.10.1.6.0 SNMP requests.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-10-03
CVE-2018-12087
Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords.
CVSS Score
5.3
EPSS Score
0.0
Published
2018-10-03
CVE-2018-17053
Cross-site scripting (XSS) vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17054.
CVSS Score
6.1
EPSS Score
0.001
Published
2018-10-03
CVE-2018-17054
Cross-site scripting (XSS) vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17053.
CVSS Score
6.1
EPSS Score
0.001
Published
2018-10-03
CVE-2018-17965
ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-10-03
CVE-2018-17966
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-10-03
CVE-2018-17967
ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in coders/bgr.c.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-10-03
CVE-2018-16048
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Missing Authorization Control for API Repository Storage.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-10-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved