Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2019
CVE-2010-3373
paxtest handles temporary files insecurely
CVSS Score
5.5
EPSS Score
0.001
Published
2019-10-29
CVE-2010-3375
qtparted has insecure library loading which may allow arbitrary code execution
CVSS Score
9.8
EPSS Score
0.011
Published
2019-10-29
CVE-2010-4237
Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack.
CVSS Score
5.9
EPSS Score
0.003
Published
2019-10-29
CVE-2011-0428
Cross Site Scripting (XSS) in ikiwiki before 3.20110122 could allow remote attackers to insert arbitrary JavaScript due to insufficient checking in comments.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-10-29
CVE-2019-4307
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 160987.
CVSS Score
5.1
EPSS Score
0.001
Published
2019-10-29
CVE-2019-4309
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses hard coded credentials which could allow a local user to obtain highly sensitive information. IBM X-Force ID: 161035.
CVSS Score
5.9
EPSS Score
0.001
Published
2019-10-29
CVE-2019-4311
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 161037.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-10-29
CVE-2019-4314
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores sensitive information in cleartext within a resource that might be accessible to another control sphere. IBM X-Force ID: 1610141.
CVSS Score
5.9
EPSS Score
0.001
Published
2019-10-29
CVE-2019-4329
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 161209.
CVSS Score
4.3
EPSS Score
0.001
Published
2019-10-29
CVE-2019-4330
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 does not set the secure attribute for cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session. IBM X-Force ID: 161210.
CVSS Score
3.1
EPSS Score
0.003
Published
2019-10-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved