Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2023
CVE-2023-23566
A 2-Step Verification problem in Axigen 10.3.3.52 allows an attacker to access a mailbox by bypassing 2-Step Verification when they try to add an account to any third-party webmail service (or add an account to Outlook or Gmail, etc.) with IMAP or POP3 without any verification code.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-01-13
CVE-2022-42286
DGX A100 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, or escalation of privileges.
CVSS Score
6.0
EPSS Score
0.001
Published
2023-01-13
CVE-2022-42287
NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure and data tampering.
CVSS Score
6.0
EPSS Score
0.001
Published
2023-01-13
CVE-2022-42288
NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid BMC username, which may lead to an information disclosure.
CVSS Score
5.3
EPSS Score
0.004
Published
2023-01-13
CVE-2022-42289
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering.
CVSS Score
7.2
EPSS Score
0.005
Published
2023-01-13
CVE-2022-42290
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering.
CVSS Score
7.2
EPSS Score
0.005
Published
2023-01-13
CVE-2022-42278
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can read and write to arbitrary locations within the memory context of the IPMI server process, which may lead to code execution, denial of service, information disclosure and data tampering.
CVSS Score
7.2
EPSS Score
0.004
Published
2023-01-13
CVE-2022-42279
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering.
CVSS Score
7.2
EPSS Score
0.006
Published
2023-01-13
CVE-2022-42280
NVIDIA BMC contains a vulnerability in SPX REST auth handler, where an un-authorized attacker can exploit a path traversal, which may lead to authentication bypass.
CVSS Score
7.1
EPSS Score
0.0
Published
2023-01-13
CVE-2022-42281
NVIDIA DGX A100 contains a vulnerability in SBIOS in the FsRecovery, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure.
CVSS Score
6.7
EPSS Score
0.001
Published
2023-01-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved