Security Vulnerabilities - CVEs Published In January 2023
Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php.
CVSS Score: 9.8
EPSS Score: 0.002
Published: 2023-01-26

Unrestricted Upload of File with Dangerous Type in GitHub repository unilogies/bumsys prior to v1.0.3-beta.
CVSS Score: 7.6
EPSS Score: 0.04
Published: 2023-01-26

Cross-site Scripting (XSS) - Stored in GitHub repository modoboa/modoboa prior to 2.0.4.
CVSS Score: 7.1
EPSS Score: 0.002
Published: 2023-01-26

Cross-site Scripting (XSS) - Stored in GitHub repository pyload/pyload prior to 0.5.0b3.dev42.
CVSS Score: 9.6
EPSS Score: 0.003
Published: 2023-01-26

Improper Certificate Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev44.
CVSS Score: 7.4
EPSS Score: 0.003
Published: 2023-01-26

Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities. This command injection is reachable through the m2m's DOWNLOAD_INFO command.
CVSS Score: 9.8
EPSS Score: 0.005
Published: 2023-01-26

Dentsply Sirona Sidexis <= 4.3 is vulnerable to Incorrect Access Control.
CVSS Score: 7.8
EPSS Score: 0.001
Published: 2023-01-26

Dentsply Sirona Sidexis <= 4.3 is vulnerable to Unquoted Service Path.
CVSS Score: 7.8
EPSS Score: 0.001
Published: 2023-01-26

Improper input validation in adgnetworkwfpdrv.sys in Adguard For Windows x86 through 7.11 allows local privilege escalation.
CVSS Score: 7.8
EPSS Score: 0.005
Published: 2023-01-26

An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.
CVSS Score: 5.7
EPSS Score: 0.005
Published: 2023-01-26


Shodan ® - All rights reserved