Debian: Debian Linux 8.0 Security Vulnerabilities

An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x before 13.29.2, 16.x before 16.6.2, and 17.x before 17.0.1, and Certified Asterisk 13.21 before cert5. A SIP request can be sent to Asterisk that can change a SIP peer's IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peer's name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option is set to the default, or auto_force_rport.
CVSS Score: 6.5 | EPSS Score: 0.074 | Published: 2019-11-22

Designate does not enforce the DNS protocol limit concerning record set sizes
CVSS Score: 6.5 | EPSS Score: 0.009 | Published: 2019-11-22

libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files
CVSS Score: 4.7 | EPSS Score: 0.001 | Published: 2019-11-22

xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. Note: A different vulnerability than CVE-2014-5254.
CVSS Score: 7.0 | EPSS Score: 0.001 | Published: 2019-11-21

An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.
CVSS Score: 7.5 | EPSS Score: 0.089 | Published: 2019-11-21

rc before 1.7.1-5 insecurely creates temporary files.
CVSS Score: 7.5 | EPSS Score: 0.004 | Published: 2019-11-21

9base 1:6-6 and 1:6-7 insecurely create temporary files, which results in predictable filenames.
CVSS Score: 5.3 | EPSS Score: 0.005 | Published: 2019-11-21

The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords.
CVSS Score: 5.5 | EPSS Score: 0.001 | Published: 2019-11-21

pam_shield before 0.9.4: Default configuration does not perform protective action
CVSS Score: 7.5 | EPSS Score: 0.004 | Published: 2019-11-21

mono 2.10.x ASP.NET Web Form Hash collision DoS
CVSS Score: 7.5 | EPSS Score: 0.011 | Published: 2019-11-21

