Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2020
CVE-2020-9635
Adobe Framemaker versions 2019.0.5 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.155
Published
2020-06-12
CVE-2020-9636
Adobe Framemaker versions 2019.0.5 and below have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.137
Published
2020-06-12
CVE-2020-9643
Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
7.5
EPSS Score
0.011
Published
2020-06-12
CVE-2020-9644
Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting (stored) vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser.
CVSS Score
5.4
EPSS Score
0.06
Published
2020-06-12
CVE-2020-9645
Adobe Experience Manager versions 6.5 and earlier have a blind server-side request forgery (ssrf) vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
7.5
EPSS Score
0.011
Published
2020-06-12
CVE-2020-9647
Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting (dom-based) vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser.
CVSS Score
6.1
EPSS Score
0.14
Published
2020-06-12
CVE-2020-4251
IBM API Connect 5.0.0.0 through 5.0.8.8 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 175489.
CVSS Score
5.4
EPSS Score
0.002
Published
2020-06-12
CVE-2020-3928
GeoVision Door Access Control device family is hardcoded with a root password, which adopting an identical password in all devices.
CVSS Score
6.2
EPSS Score
0.001
Published
2020-06-12
CVE-2020-3929
GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS. Attackers may conduct MITM attack with the derived keys and plaintext recover of encrypted messages.
CVSS Score
5.9
EPSS Score
0.001
Published
2020-06-12
CVE-2020-3930
GeoVision Door Access Control device family improperly stores and controls access to system logs, any users can read these logs.
CVSS Score
4.0
EPSS Score
0.001
Published
2020-06-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved