Redhat: Security Vulnerabilities
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
CVSS Score
7.5
EPSS Score
0.064
Published
2019-12-18
CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration
CVSS Score
5.5
EPSS Score
0.001
Published
2019-12-15
JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-12-15
eDeploy has RCE via cPickle deserialization of untrusted data
CVSS Score
9.8
EPSS Score
0.01
Published
2019-12-15
eDeploy has tmp file race condition flaws
CVSS Score
8.1
EPSS Score
0.005
Published
2019-12-15
rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable
CVSS Score
5.5
EPSS Score
0.001
Published
2019-12-13
mcollective has a default password set at install
CVSS Score
9.8
EPSS Score
0.006
Published
2019-12-13
CFME: CSRF protection vulnerability via permissive check of the referrer header
CVSS Score
8.8
EPSS Score
0.004
Published
2019-12-13
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries from being overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of packages that also create a serve binary would overwrite the previous serve binary. This behavior is still allowed in local installations and also through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.
CVSS Score
7.7
EPSS Score
0.004
Published
2019-12-13
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of the node_modules folder through the bin field upon installation. A properly constructed entry in the package.json bin field would allow a package publisher to create a symlink pointing to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.
CVSS Score
7.7
EPSS Score
0.003
Published
2019-12-13

