Shodan
Vulnerabilities
Vulnerable Software
Debian:  >> Debian Linux  >> 7.0  Security Vulnerabilities
CVE-2018-5332
In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
CVSS Score
7.8
EPSS Score
0.001
Published
2018-01-11
CVE-2018-5333
In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.
CVSS Score
5.5
EPSS Score
0.021
Published
2018-01-11
CVE-2015-2320
The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback.
CVSS Score
9.8
EPSS Score
0.048
Published
2018-01-08
CVE-2018-5294
In libming 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the readUInt32 function (util/read.c). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-01-08
CVE-2018-5268
In OpenCV 3.3.1, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmt_jpeg2000.cpp when parsing a crafted image file.
CVSS Score
5.5
EPSS Score
0.003
Published
2018-01-08
CVE-2018-5269
In OpenCV 3.3.1, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast.
CVSS Score
5.5
EPSS Score
0.005
Published
2018-01-08
CVE-2018-5251
In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted swf file.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-01-05
CVE-2017-5715
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVSS Score
5.6
EPSS Score
0.91
Published
2018-01-04
CVE-2017-1000487
Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.
CVSS Score
9.8
EPSS Score
0.115
Published
2018-01-03
CVE-2017-1000476
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-01-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved