Security Vulnerabilities - CVEs Published In October 2019
IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164118.
CVSS Score: 5.4 | EPSS Score: 0.002 | Published: 2019-10-01
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.
CVSS Score: 3.3 | EPSS Score: 0.001 | Published: 2019-10-01
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
CVSS Score: 3.3 | EPSS Score: 0.001 | Published: 2019-10-01
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.
CVSS Score: 3.3 | EPSS Score: 0.001 | Published: 2019-10-01
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.
CVSS Score: 3.3 | EPSS Score: 0.001 | Published: 2019-10-01
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.
CVSS Score: 3.3 | EPSS Score: 0.001 | Published: 2019-10-01
An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity 2019.1.
CVSS Score: 9.8 | EPSS Score: 0.002 | Published: 2019-10-01
JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection.
CVSS Score: 5.9 | EPSS Score: 0.0 | Published: 2019-10-01
JetBrains YouTrack versions before 2019.1.52584 had a possible XSS in the issue titles.
CVSS Score: 6.1 | EPSS Score: 0.0 | Published: 2019-10-01
Jenkins SourceGear Vault Plugin transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure.
CVSS Score: 7.5 | EPSS Score: 0.0 | Published: 2019-10-01


Shodan ® - All rights reserved