Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2017
CVE-2017-1000210
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack
CVSS Score
9.8
EPSS Score
0.008
Published
2017-11-17
CVE-2017-1000213
WBCE v1.1.11 is vulnerable to reflected XSS via the "begriff" POST parameter in /admin/admintools/tool.php?tool=user_search
CVSS Score
4.8
EPSS Score
0.002
Published
2017-11-17
CVE-2017-1000220
soyuka/pidusage <=1.1.4 is vulnerable to command injection in the module resulting in arbitrary command execution
CVSS Score
9.8
EPSS Score
0.118
Published
2017-11-17
CVE-2017-1000218
LightFTP version 1.1 is vulnerable to a buffer overflow in the "writelogentry" function resulting a denial of services or a remote code execution.
CVSS Score
9.8
EPSS Score
0.023
Published
2017-11-17
CVE-2017-1000219
npm/KyleRoss windows-cpu all versions vulnerable to command injection resulting in code execution as Node.js user
CVSS Score
9.8
EPSS Score
0.033
Published
2017-11-17
CVE-2017-1000224
CSRF in YouTube (WordPress plugin) could allow unauthenticated attacker to change any setting within the plugin
CVSS Score
6.5
EPSS Score
0.002
Published
2017-11-17
CVE-2017-15517
AltaVault OST Plug-in versions prior to 1.2.2 may allow attackers to obtain sensitive information via unspecified vectors. All users are urged to move to a fixed version and change passwords used by Veritas NetBackup to access the OST shares on the NetApp AltaVault as a precaution.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-11-17
CVE-2017-0850
An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-64836941.
CVSS Score
5.3
EPSS Score
0.001
Published
2017-11-16
CVE-2017-0851
An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-35430570.
CVSS Score
5.3
EPSS Score
0.001
Published
2017-11-16
CVE-2017-0852
A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0. Android ID: A-62815506.
CVSS Score
7.5
EPSS Score
0.001
Published
2017-11-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved