Security Vulnerabilities - CVEs Published In November 2019
There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.
CVSS Score: 7.8
EPSS Score: 0.001
Published: 2019-11-04

Insecure temporary file vulnerability in RedHat vsdm 4.9.6.
CVSS Score: 5.5
EPSS Score: 0.001
Published: 2019-11-04

One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows CSRF for logout requests.
CVSS Score: 6.5
EPSS Score: 0.012
Published: 2019-11-04

Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure
CVSS Score: 7.5
EPSS Score: 0.003
Published: 2019-11-04

One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a man in the middle, the One Identity Defender product, and replacing a failed SAML response with a successful SAML response.
CVSS Score: 8.1
EPSS Score: 0.006
Published: 2019-11-04

Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness
CVSS Score: 7.5
EPSS Score: 0.004
Published: 2019-11-04

Cryptocat before 2.0.22 has Nickname User Impersonation
CVSS Score: 5.3
EPSS Score: 0.004
Published: 2019-11-04

Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview
CVSS Score: 9.8
EPSS Score: 0.007
Published: 2019-11-04

Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness
CVSS Score: 9.8
EPSS Score: 0.005
Published: 2019-11-04

An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free.
CVSS Score: 7.0
EPSS Score: 0.011
Published: 2019-11-04

Shodan ® - All rights reserved