Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2020
CVE-2012-3808
Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification.
CVSS Score
7.5
EPSS Score
0.259
Published
2020-01-09
CVE-2012-3809
Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification.
CVSS Score
7.5
EPSS Score
0.259
Published
2020-01-09
CVE-2012-3810
Samsung Kies before 2.5.0.12094_27_11 has registry modification.
CVSS Score
7.5
EPSS Score
0.259
Published
2020-01-09
CVE-2019-20372
NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.
CVSS Score
5.3
EPSS Score
0.708
Published
2020-01-09
CVE-2012-2226
Invision Power Board before 3.3.1 fails to sanitize user-supplied input which could allow remote attackers to obtain sensitive information or execute arbitrary code by uploading a malicious file.
CVSS Score
9.8
EPSS Score
0.13
Published
2020-01-09
CVE-2012-2931
PHP code injection in TinyWebGallery before 1.8.8 allows remote authenticated users with admin privileges to inject arbitrary code into the .htusers.php file.
CVSS Score
7.2
EPSS Score
0.009
Published
2020-01-09
CVE-2012-3490
The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.021
Published
2020-01-09
CVE-2012-4434
fwknop before 2.0.3 allow remote authenticated users to cause a denial of service (server crash) or possibly execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.028
Published
2020-01-09
CVE-2012-5558
Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1 and Smileys module 6.x-1.x versions prior to 6.x-1.1 for Drupal allows remote authenticated users with the "administer smiley" permission to inject arbitrary web script or HTML via a smiley acronym.
CVSS Score
4.8
EPSS Score
0.002
Published
2020-01-09
CVE-2019-18859
Digi AnywhereUSB 14 allows XSS via a link for the Digi Page.
CVSS Score
6.1
EPSS Score
0.007
Published
2020-01-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved