Shodan
Vulnerabilities
Vulnerable Software
Redhat:  Security Vulnerabilities
CVE-2011-3923
Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands.
CVSS Score
9.8
EPSS Score
0.911
Published
2019-11-01
CVE-2013-3718
evince is missing a check on number of pages which can lead to a segmentation fault
CVSS Score
5.5
EPSS Score
0.005
Published
2019-11-01
CVE-2013-4751
php-symfony2-Validator has loss of information during serialization
CVSS Score
8.1
EPSS Score
0.006
Published
2019-11-01
CVE-2019-5010
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.
CVSS Score
5.9
EPSS Score
0.054
Published
2019-10-31
CVE-2010-2548
IcedTea6 before 1.7.4 does not properly check property access, which allows unsigned apps to read and write arbitrary files.
CVSS Score
9.1
EPSS Score
0.003
Published
2019-10-31
CVE-2010-2783
IcedTea6 before 1.7.4 allow unsigned apps to read and write arbitrary files, related to Extended JNLP Services.
CVSS Score
9.1
EPSS Score
0.004
Published
2019-10-31
CVE-2010-0737
A missing permission check was found in The CLI in JBoss Operations Network before 2.3.1 does not properly check permissions, which allows JBoss ON users to perform management tasks and configuration changes with the privileges of the administrator user.
CVSS Score
8.0
EPSS Score
0.001
Published
2019-10-30
CVE-2018-5742
While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 -> bind-9.9.4-72.el7. No ISC releases are affected. Other packages from other distributions who made the same error may also be affected.
CVSS Score
5.9
EPSS Score
0.013
Published
2019-10-30
CVE-2019-0205
In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings.
CVSS Score
7.5
EPSS Score
0.007
Published
2019-10-29
CVE-2019-0210
In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data.
CVSS Score
7.5
EPSS Score
0.012
Published
2019-10-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved