Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2019
CVE-2019-3767
Dell ImageAssist versions prior to 8.7.15 contain an information disclosure vulnerability. Dell ImageAssist stores some sensitive encrypted information in the images it creates. A privileged user of a system running an operating system that was deployed with Dell ImageAssist could potentially retrieve this sensitive information to then compromise the system and related systems.
CVSS Score
7.5
EPSS Score
0.001
Published
2019-10-14
CVE-2019-14225
OX App Suite 7.10.1 and 7.10.2 allows SSRF.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-10-14
CVE-2019-14226
OX App Suite through 7.10.2 has Insecure Permissions.
CVSS Score
8.1
EPSS Score
0.002
Published
2019-10-14
CVE-2019-14227
OX App Suite 7.10.1 and 7.10.2 allows XSS.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-10-14
CVE-2019-16278
Known exploited
Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request.
CVSS Score
9.8
EPSS Score
0.944
Published
2019-10-14
CVE-2019-16279
A memory error in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a crafted HTTP request.
CVSS Score
7.5
EPSS Score
0.902
Published
2019-10-14
CVE-2019-17043
An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the best1collect.exe SUID binary could allow an attacker to elevate his/her privileges to the ones of the "patrol" user by specially crafting a shared library .so file that will be loaded during execution.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-10-14
CVE-2019-17044
An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the PatrolAgent SUID binary could allow an attacker with "patrol" privileges to elevate his/her privileges to the ones of the "root" user by specially crafting a shared library .so file that will be loaded during execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-10-14
CVE-2019-16519
ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to execute unauthorized commands as root by abusing an undocumented feature in scheduled tasks.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-10-14
CVE-2019-17511
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can get the router's log file via log_get.php, which could be used to discover the intranet network structure.
CVSS Score
7.5
EPSS Score
0.044
Published
2019-10-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved