Shodan
Vulnerabilities
Vulnerable Software
Debian:  >> Debian Linux  >> 8.0  Security Vulnerabilities
CVE-2020-14929
Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
CVSS Score
7.5
EPSS Score
0.005
Published
2020-06-19
CVE-2020-8165
A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.
CVSS Score
9.8
EPSS Score
0.817
Published
2020-06-19
CVE-2020-8164
A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.
CVSS Score
7.5
EPSS Score
0.04
Published
2020-06-19
CVE-2019-13033
In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing the license key, it may be possible to upload the data of additional scans.
CVSS Score
3.3
EPSS Score
0.001
Published
2020-06-18
CVE-2020-14401
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
CVSS Score
6.5
EPSS Score
0.016
Published
2020-06-17
CVE-2020-14402
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.
CVSS Score
5.4
EPSS Score
0.011
Published
2020-06-17
CVE-2020-14403
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.
CVSS Score
5.4
EPSS Score
0.01
Published
2020-06-17
CVE-2020-14404
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.
CVSS Score
5.4
EPSS Score
0.01
Published
2020-06-17
CVE-2020-14405
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.
CVSS Score
6.5
EPSS Score
0.013
Published
2020-06-17
CVE-2018-21247
An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
CVSS Score
7.5
EPSS Score
0.013
Published
2020-06-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved