Security Vulnerabilities - CVEs Published In November 2019
Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator.
CVSS Score
10.0
EPSS Score
0.019
Published
2019-11-06
Cookie Dump Servlet stored XSS vulnerability in Jetty through 6.1.20.
CVSS Score
6.1
EPSS Score
0.008
Published
2019-11-06
WebApp JSP Snoop page XSS in Jetty through 6.1.21.
CVSS Score
6.1
EPSS Score
0.008
Published
2019-11-06
Konversation before 1.2.3 allows attackers to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-11-06
MySQL-GUI-tools (mysql-administrator) leaks passwords into the process list after launch of the mysql text console.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-11-06
An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::GraphicsContext::fillRect function.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-11-06
Pagure: XSS possible in file attachment endpoint
CVSS Score
6.1
EPSS Score
0.005
Published
2019-11-06
Drupal versions 5.x and 6.x have an open redirection.
CVSS Score
6.1
EPSS Score
0.005
Published
2019-11-06
An issue was discovered in NiceHash Miner before 2.0.3.0. A missing rate limit while adding a wallet via Email address allows remote attackers to submit a large number of email addresses to identify valid ones. By exploiting this vulnerability with CVE-2019-6122 (Username Enumeration) an adversary can enumerate a large number of valid users' Email addresses.
CVSS Score
7.5
EPSS Score
0.005
Published
2019-11-06
An issue was discovered in NiceHash Miner before 2.0.3.0. Missing Authorization allows an adversary to gain access to a miner's information, such as his recent payments, unclaimed Balance, Old Balance (at the time of the December 2017 breach), Projected payout, and Mining stats like profitability, Efficiency, Number of workers, etc. A valid Email address is required in order to retrieve this information.
CVSS Score
3.7
EPSS Score
0.003
Published
2019-11-06

