Security Vulnerabilities - CVEs Published In 2017
The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set.
CVSS Score: 5.5 | EPSS Score: 0.0 | Published: 2017-12-29

Cross-site scripting (XSS) vulnerability in the _keyify function in mistune.py in Mistune before 0.8.1 allows remote attackers to inject arbitrary web script or HTML by leveraging failure to escape the "key" argument.
CVSS Score: 6.1 | EPSS Score: 0.006 | Published: 2017-12-29

A buffer overflow vulnerability in NetTransport.exe in NetTransport Download Manager 2.96L and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long HTTP response.
CVSS Score: 9.8 | EPSS Score: 0.557 | Published: 2017-12-29

The Zend_Db_Select::order function in Zend Framework before 1.12.7 does not properly handle parentheses, which allows remote attackers to conduct SQL injection attacks via unspecified vectors.
CVSS Score: 9.8 | EPSS Score: 0.036 | Published: 2017-12-29

pptreader.dll in Kingsoft WPS Office 10.1.0.6930 allows remote attackers to cause a denial of service via a crafted PPT file, aka CNVD-2017-35482.
CVSS Score: 5.5 | EPSS Score: 0.002 | Published: 2017-12-28

Cells Blog 3.5 has XSS via the jfdname parameter in an act=showpic request.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2017-12-28

Cells Blog 3.5 has XSS via the pub_readpost.php fmid parameter.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2017-12-28

Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid parameter.
CVSS Score: 8.8 | EPSS Score: 0.002 | Published: 2017-12-28

PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter.
CVSS Score: 9.8 | EPSS Score: 0.003 | Published: 2017-12-28

PHP Scripts Mall PHP Multivendor Ecommerce has a predictable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address.
CVSS Score: 8.6 | EPSS Score: 0.002 | Published: 2017-12-28