Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2023
CVE-2022-43391
A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.
CVSS Score
6.5
EPSS Score
0.014
Published
2023-01-11
CVE-2022-43392
A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.
CVSS Score
6.5
EPSS Score
0.006
Published
2023-01-11
CVE-2022-43393
An improper check for unusual or exceptional conditions in the HTTP request processing function of Zyxel GS1920-24v2 firmware prior to V4.70(ABMH.8)C0, which could allow an unauthenticated attacker to corrupt the contents of the memory and result in a denial-of-service (DoS) condition on a vulnerable device.
CVSS Score
8.2
EPSS Score
0.01
Published
2023-01-11
CVE-2022-48252
The jokob-sk/Pi.Alert fork (before 22.12.20) of Pi.Alert allows Remote Code Execution via nmap_scan.php (scan parameter) OS Command Injection.
CVSS Score
9.8
EPSS Score
0.043
Published
2023-01-11
CVE-2023-22947
Insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt (rather than C:\Program Files) by default. NOTE: the vendor disputes the significance of this report, stating that "We consider the ACLs a best effort thing" and "it was a documentation mistake."
CVSS Score
7.3
EPSS Score
0.001
Published
2023-01-11
CVE-2023-22945
In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-01-11
CVE-2023-21784
3D Builder Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.04
Published
2023-01-10
CVE-2023-21785
3D Builder Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.02
Published
2023-01-10
CVE-2023-21786
3D Builder Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.039
Published
2023-01-10
CVE-2023-21787
3D Builder Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.02
Published
2023-01-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved