Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In December 2019
CVE-2019-19537
In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka CID-303911cfc5b9. This affects drivers/usb/core/file.c.
CVSS Score
4.2
EPSS Score
0.001
Published
2019-12-03
CVE-2019-19523
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.
CVSS Score
4.6
EPSS Score
0.001
Published
2019-12-03
CVE-2019-19524
In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.
CVSS Score
4.6
EPSS Score
0.001
Published
2019-12-03
CVE-2019-19525
In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.
CVSS Score
4.6
EPSS Score
0.001
Published
2019-12-03
CVE-2019-19526
In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098.
CVSS Score
4.6
EPSS Score
0.001
Published
2019-12-03
CVE-2019-19527
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.
CVSS Score
6.8
EPSS Score
0.0
Published
2019-12-03
CVE-2019-4098
IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158020.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-12-03
CVE-2019-4130
IBM Cloud Pak System 2.3 and 2.3.0.1 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-Force ID: 158280.
CVSS Score
9.0
EPSS Score
0.018
Published
2019-12-03
CVE-2019-4226
IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 159243.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-12-03
CVE-2019-4465
IBM Cloud Pak System 2.3 and 2.3.0.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 163774.
CVSS Score
4.0
EPSS Score
0.001
Published
2019-12-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved