Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In December 2018
CVE-2017-16909
An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.
CVSS Score
8.8
EPSS Score
0.006
Published
2018-12-07
CVE-2017-16910
An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition.
CVSS Score
6.5
EPSS Score
0.005
Published
2018-12-07
CVE-2018-5800
An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
CVSS Score
6.5
EPSS Score
0.023
Published
2018-12-07
CVE-2018-5801
An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.
CVSS Score
6.5
EPSS Score
0.014
Published
2018-12-07
CVE-2018-5802
An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
CVSS Score
8.8
EPSS Score
0.007
Published
2018-12-07
CVE-2018-5804
A type confusion error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a division by zero.
CVSS Score
6.5
EPSS Score
0.005
Published
2018-12-07
CVE-2018-5805
A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash.
CVSS Score
8.8
EPSS Score
0.006
Published
2018-12-07
CVE-2018-5806
An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.
CVSS Score
6.5
EPSS Score
0.005
Published
2018-12-07
CVE-2018-5807
An error within the "samsung_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
CVSS Score
8.8
EPSS Score
0.005
Published
2018-12-07
CVE-2018-7063
In Aruba ClearPass, disabled API admins can still perform read/write operations. In certain circumstances, API admins in ClearPass which have been disabled may still be able to perform read/write operations on parts of the XML API. This can lead to unauthorized access to the API and complete compromise of the ClearPass instance if an attacker knows of the existence of these accounts.
CVSS Score
8.1
EPSS Score
0.005
Published
2018-12-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved