Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2018
CVE-2018-17588
AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-10-02
CVE-2018-17589
AirTies Air 5650 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-10-02
CVE-2018-17590
AirTies Air 5442 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-10-02
CVE-2018-17591
AirTies Air 5343v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-10-02
CVE-2018-15563
_core/admin/pages/add/ in Subrion CMS 4.2.1 has XSS via the titles[en] parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-10-02
CVE-2018-6261
NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled which sets incorrect permissions on a file, which may to code execution, denial of service, or escalation of privileges by users with system access.
CVSS Score
7.0
EPSS Score
0.0
Published
2018-10-02
CVE-2018-6262
NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled where limited sensitive user information may be available to users with system access, which may lead to information disclosure.
CVSS Score
2.5
EPSS Score
0.001
Published
2018-10-02
CVE-2018-1692
IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 145583.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-10-02
CVE-2018-1557
IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142955.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-10-02
CVE-2018-1558
IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142956.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-10-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved