Security Vulnerabilities - CVEs Published In November 2019
clamav 0.91.2 suffers from a floating point exception when using ScanOLE2.
CVSS Score: 9.8 | EPSS Score: 0.007 | Published: 2019-11-07
frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Linux 5 are built with an insecure RPATH set in the ELF header of multiple binaries in /usr/bin/f* (e.g. fcore, fcatch, fstack, fstep, ...) shipped in the package. A local attacker can exploit this vulnerability by running arbitrary code as another user.
CVSS Score: 7.8 | EPSS Score: 0.0 | Published: 2019-11-07
The web server Monkeyd produces a world-readable log (/var/log/monkeyd/master.log) on Gentoo.
CVSS Score: 7.5 | EPSS Score: 0.004 | Published: 2019-11-07
Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories.
CVSS Score: 7.5 | EPSS Score: 0.017 | Published: 2019-11-07
An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".
CVSS Score: 4.3 | EPSS Score: 0.003 | Published: 2019-11-07
In Linux 2.6 before 2.6.23, the TRACE_IRQS_ON function in iret_exc calls a C function without ensuring that the segments are set properly. The kernel's %fs needs to be restored before the call in TRACE_IRQS_ON and before enabling interrupts, so that "current" references work. Without this, "current" used in the window between iret_exc and the middle of error_code where %fs is reset, would crash.
CVSS Score: 5.5 | EPSS Score: 0.002 | Published: 2019-11-07
Mondo 2.24 has insecure handling of temporary files.
CVSS Score: 9.1 | EPSS Score: 0.004 | Published: 2019-11-07
viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2019-11-07
Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks.
CVSS Score: 6.3 | EPSS Score: 0.01 | Published: 2019-11-07
TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters.
CVSS Score: 9.8 | EPSS Score: 0.047 | Published: 2019-11-07