Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2019
CVE-2012-0049
OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.
CVSS Score
4.3
EPSS Score
0.006
Published
2019-11-07
CVE-2012-0051
Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval.
CVSS Score
7.4
EPSS Score
0.014
Published
2019-11-07
CVE-2019-18815
PopojiCMS 2.0.1 allows refer= Open Redirection.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-11-07
CVE-2019-18816
po-admin/route.php?mod=post&act=edit in PopojiCMS 2.0.1 allows post[1][content]= stored XSS.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-11-07
CVE-2011-2353
Use after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-11-07
CVE-2011-2807
Incorrect handling of timer information in Timer.cpp in WebKit in Google Chrome before Blink M13.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-11-07
CVE-2010-2243
A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS.
CVSS Score
7.5
EPSS Score
0.008
Published
2019-11-07
CVE-2019-17222
An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration).
CVSS Score
6.1
EPSS Score
0.003
Published
2019-11-07
CVE-2019-17604
An Insecure Direct Object Reference (IDOR) vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to change other candidates' personal information (first name, last name, email, CV, phone number, and all other personal information) by changing the value of the candidate id (the id parameter).
CVSS Score
4.3
EPSS Score
0.002
Published
2019-11-07
CVE-2019-17605
A mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to take over another candidate's account (by also exploiting CVE-2019-17604) via a modified candidate id and an additional password parameter. The outcome is that the password of this other candidate is changed.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-11-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved