Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In 2019
CVE-2019-20063
hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-12-29
CVE-2019-20056
stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has an assertion failure in stbi__shiftsigned.
CVSS Score
6.5
EPSS Score
0.005
Published
2019-12-29
CVE-2019-20057
com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman for macOS 1.11.0 and earlier allows an attacker to change the System Proxy and redirect all traffic to an attacker-controlled computer, enabling MITM attacks.
CVSS Score
3.7
EPSS Score
0.002
Published
2019-12-29
CVE-2019-20058
Bolt 3.7.0, if Symfony Web Profiler is used, allows XSS because unsanitized search?search= input is shown on the _profiler page. NOTE: this is disputed because profiling was never intended for use in production. This is related to CVE-2018-12040
CVSS Score
6.1
EPSS Score
0.003
Published
2019-12-29
CVE-2019-20055
LuquidPixels LiquiFire OS 4.8.0 allows SSRF via the call%3Durl substring followed by a URL in square brackets.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-12-29
CVE-2019-20054
In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-12-28
CVE-2019-20051
A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95. The vulnerability causes an application crash, which leads to denial of service.
CVSS Score
5.5
EPSS Score
0.003
Published
2019-12-27
CVE-2019-20052
A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-12-27
CVE-2019-20053
An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
CVSS Score
5.5
EPSS Score
0.004
Published
2019-12-27
CVE-2014-5289
Buffer overflow in Senkas Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a POST request.
CVSS Score
9.8
EPSS Score
0.232
Published
2019-12-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved