Shodan
Vulnerabilities
Vulnerable Software
Fedoraproject:  >> Fedora  Security Vulnerabilities
CVE-2014-9114
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-03-31
CVE-2016-8884
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-03-28
CVE-2016-9243
HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size.
CVSS Score
7.5
EPSS Score
0.017
Published
2017-03-27
CVE-2017-5330
ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.
CVSS Score
7.8
EPSS Score
0.005
Published
2017-03-27
CVE-2016-10132
regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-03-24
CVE-2016-9398
The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.041
Published
2017-03-23
CVE-2016-9399
The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.021
Published
2017-03-23
CVE-2016-8887
The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference).
CVSS Score
5.5
EPSS Score
0.002
Published
2017-03-23
CVE-2016-9397
The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.018
Published
2017-03-23
CVE-2016-6225
xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6394.
CVSS Score
5.9
EPSS Score
0.003
Published
2017-03-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved