Shodan
Vulnerabilities
Vulnerable Software
Debian:  >> Debian Linux  Security Vulnerabilities
CVE-2018-14721
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.
CVSS Score
10.0
EPSS Score
0.105
Published
2019-01-02
CVE-2018-19360
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.
CVSS Score
9.8
EPSS Score
0.106
Published
2019-01-02
CVE-2018-19361
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.
CVSS Score
9.8
EPSS Score
0.106
Published
2019-01-02
CVE-2018-19362
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.
CVSS Score
9.8
EPSS Score
0.106
Published
2019-01-02
CVE-2019-3500
aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file.
CVSS Score
7.8
EPSS Score
0.004
Published
2019-01-02
CVE-2018-20650
A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach.
CVSS Score
6.5
EPSS Score
0.027
Published
2019-01-01
CVE-2018-20622
JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used.
CVSS Score
6.5
EPSS Score
0.029
Published
2018-12-31
CVE-2018-20584
JasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format.
CVSS Score
6.5
EPSS Score
0.029
Published
2018-12-30
CVE-2018-20549
There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19.
CVSS Score
8.8
EPSS Score
0.018
Published
2018-12-28
CVE-2018-20570
jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.
CVSS Score
6.5
EPSS Score
0.022
Published
2018-12-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved