Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In December 2019
CVE-2019-6192
A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a buffer overflow which could cause a denial of service.
CVSS Score
4.4
EPSS Score
0.014
Published
2019-12-10
CVE-2019-4095
IBM Cloud Pak System 2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158015.
CVSS Score
5.3
EPSS Score
0.001
Published
2019-12-10
CVE-2019-4244
IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to gain unauthorized information and unrestricted control over Zookeeper installations due to missing authentication. IBM X-Force ID: 159518.
CVSS Score
9.1
EPSS Score
0.007
Published
2019-12-10
CVE-2019-4521
Platform System Manager in IBM Cloud Pak System 2.3 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 165179.
CVSS Score
7.0
EPSS Score
0.01
Published
2019-12-10
CVE-2019-4663
IBM WebSphere Application Server - Liberty is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 171245.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-12-10
CVE-2019-19251
The Last.fm desktop app (Last.fm Scrobbler) through 2.1.39 on macOS makes HTTP requests that include an API key without the use of SSL/TLS. Although there is an Enable SSL option, it is disabled by default, and cleartext requests are made as soon as the app starts.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-12-10
CVE-2013-2159
Monkey HTTP Daemon: broken user name authentication
CVSS Score
9.8
EPSS Score
0.005
Published
2019-12-10
CVE-2013-2166
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass
CVSS Score
9.8
EPSS Score
0.001
Published
2019-12-10
CVE-2013-2167
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass
CVSS Score
9.8
EPSS Score
0.008
Published
2019-12-10
CVE-2013-2183
Monkey HTTP Daemon has local security bypass
CVSS Score
7.1
EPSS Score
0.001
Published
2019-12-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved