Fedoraproject >> Fedora: Security Vulnerabilities
Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was affected by a packaging error that caused the original configuration to be ignored after an update, so the service started running with the default configuration. This has security implications because security-related configuration is overridden. This issue doesn't affect the upstream version of pure-ftpd.
CVSS Score: 9.8 | EPSS Score: 0.003 | Published: 2017-09-21
Cross-site request forgery in the REST API in IPython 2 and 3.
CVSS Score: 8.8 | EPSS Score: 0.003 | Published: 2017-09-20
389 Directory Server before 1.3.3.10 allows attackers to bypass intended access restrictions and modify directory entries via a crafted ldapmodrdn call.
CVSS Score: 7.5 | EPSS Score: 0.016 | Published: 2017-09-19
The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allows remote attackers to cause a denial of service (login process crash) via vectors related to handshake failures.
CVSS Score: 5.9 | EPSS Score: 0.076 | Published: 2017-09-19
Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.
CVSS Score: 9.8 | EPSS Score: 0.011 | Published: 2017-09-13
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.
CVSS Score: 7.5 | EPSS Score: 0.014 | Published: 2017-09-07
Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename.
CVSS Score: 7.5 | EPSS Score: 0.008 | Published: 2017-09-06
There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
CVSS Score: 7.5 | EPSS Score: 0.01 | Published: 2017-08-29
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack.
CVSS Score: 7.5 | EPSS Score: 0.016 | Published: 2017-08-29
There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
CVSS Score: 7.5 | EPSS Score: 0.01 | Published: 2017-08-29

