Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2018
CVE-2018-19122
An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c.
CVSS Score
4.3
EPSS Score
0.003
Published
2018-11-09
CVE-2018-19124
PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 on Windows allows remote attackers to write to arbitrary image files.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-11-09
CVE-2018-19125
PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to delete an image directory.
CVSS Score
7.5
EPSS Score
0.167
Published
2018-11-09
CVE-2018-19126
PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to execute arbitrary code via a file upload.
CVSS Score
9.8
EPSS Score
0.559
Published
2018-11-09
CVE-2018-19128
In Libav 12.3, there is a heap-based buffer over-read in decode_frame in libavcodec/lcldec.c that allows an attacker to cause denial-of-service via a crafted avi file.
CVSS Score
6.5
EPSS Score
0.002
Published
2018-11-09
CVE-2018-19129
In Libav 12.3, a NULL pointer dereference (RIP points to zero) issue in ff_mpa_synth_filter_float in libavcodec/mpegaudiodsp_template.c can cause a segmentation fault (application crash) via a crafted mov file.
CVSS Score
6.5
EPSS Score
0.002
Published
2018-11-09
CVE-2018-19130
In Libav 12.3, there is an invalid memory access in vc1_decode_frame in libavcodec/vc1dec.c that allows attackers to cause a denial-of-service via a crafted aac file. NOTE: This may be a duplicate of CVE-2017-17127
CVSS Score
6.5
EPSS Score
0.003
Published
2018-11-09
CVE-2018-19131
Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
CVSS Score
6.1
EPSS Score
0.079
Published
2018-11-09
CVE-2018-19132
Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.
CVSS Score
5.9
EPSS Score
0.107
Published
2018-11-09
CVE-2016-9749
IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local network to bypass security due to lack of input validation. IBM X-Force ID: 120206.
CVSS Score
4.0
EPSS Score
0.0
Published
2018-11-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved