Security Vulnerabilities - CVEs Published In 2019
IBM Spectrum Protect Plus 10.1.0 through 10.1.4 uses insecure file permissions on restored files and directories in Windows which could allow a local user to obtain sensitive information or perform unauthorized actions. IBM X-Force ID: 170963.
CVSS Score: 5.1 | EPSS Score: 0.001 | Published: 2019-11-12

atop: symlink attack possible due to insecure tempfile handling
CVSS Score: 7.8 | EPSS Score: 0.001 | Published: 2019-11-12

mwlib 0.13 through 0.13.4 has a denial of service vulnerability when parsing #iferror magic functions
CVSS Score: 7.5 | EPSS Score: 0.007 | Published: 2019-11-12

The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string.
CVSS Score: 7.5 | EPSS Score: 0.005 | Published: 2019-11-12

Pacemaker before 1.1.6 configure script creates temporary files insecurely
CVSS Score: 5.5 | EPSS Score: 0.004 | Published: 2019-11-12

HornetQ REST is vulnerable to XML External Entity due to insecure configuration of RestEasy
CVSS Score: 6.5 | EPSS Score: 0.004 | Published: 2019-11-12

Python Twisted 14.0 trustRoot is not respected in HTTP client
CVSS Score: 7.5 | EPSS Score: 0.004 | Published: 2019-11-12

A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 (7.3.0.601) and earlier, and 8.0 (8.0.0.40) through 8.0 SP2 FP2 (8.0.2.202), and MiVoice Business Express versions 7.3 PR3 (7.3.1.302) and earlier, and 8.0 (8.0.0.40) through 8.0 SP2 FP1 (8.0.2.202), could allow creation of unauthorized chat sessions, due to insufficient access controls. A successful exploit could allow execution of arbitrary commands.
CVSS Score: 5.3 | EPSS Score: 0.003 | Published: 2019-11-12

In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a maliciously designed chart to include sensitive content such as /etc/passwd, or to execute a denial of service (DoS) via a special file such as /dev/urandom, via symlinks. No version of Tiller is known to be impacted. This is a client-only issue.
CVSS Score: 9.8 | EPSS Score: 0.006 | Published: 2019-11-12

Istio 1.3.x before 1.3.5 allows Denial of Service because continue_on_listener_filters_timeout is set to True, a related issue to CVE-2019-18836.
CVSS Score: 7.5 | EPSS Score: 0.005 | Published: 2019-11-12

