Security Vulnerabilities - CVEs Published In October 2019
Darktrace Enterprise Immune System before 3.1 allows CSRF via the /whitelisteddomains endpoint.
CVSS Score: 6.5 | EPSS Score: 0.021 | Published: 2019-10-23
Darktrace Enterprise Immune System before 3.1 allows CSRF via the /config endpoint.
CVSS Score: 6.5 | EPSS Score: 0.003 | Published: 2019-10-23
An SSRF issue was discovered in the legacy Web launcher in Thycotic Secret Server before 10.7.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2019-10-23
An XSS issue was discovered in Thycotic Secret Server before 10.7 (issue 1 of 2).
CVSS Score: 6.1 | EPSS Score: 0.004 | Published: 2019-10-23
An XSS issue was discovered in Thycotic Secret Server before 10.7 (issue 2 of 2).
CVSS Score: 6.1 | EPSS Score: 0.004 | Published: 2019-10-23
Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts.
CVSS Score: 7.8 | EPSS Score: 0.002 | Published: 2019-10-23
A vulnerability in version 0.90 of the Open Floodlight SDN controller software could result in a denial of service attack and crashing of the controller service. This effect is the result of a flaw in OpenFlow protocol processing, where specific malformed and mistimed FEATURES_REPLY messages cause the controller service to not delete switch and port data from its internal tracking structures.
CVSS Score: 7.5 | EPSS Score: 0.004 | Published: 2019-10-23
In Ant Design Pro 4.0.0, reflected XSS in the user/login redirect GET parameter affects the authorization component, leading to execution of JavaScript code in the login after-action script.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2019-10-23
The Easy Digital Downloads (EDD) Pushover Notifications extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
CVSS Score: 6.1 | EPSS Score: 0.005 | Published: 2019-10-23
The Easy Digital Downloads (EDD) QR Code extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
CVSS Score: 6.1 | EPSS Score: 0.005 | Published: 2019-10-23

