Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2024
CVE-2023-48126
An issue in Luxe Beauty Clinic mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-01-26
CVE-2023-48127
An issue in myGAKUYA mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-01-26
CVE-2023-38319
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-01-26
CVE-2023-38323
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the status path script entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-01-26
CVE-2023-38317
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-01-26
CVE-2023-38318
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-01-26
CVE-2023-5612
An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. It was possible to read the user email address via tags feed although the visibility in the user profile has been disabled.
CVSS Score
5.3
EPSS Score
0.324
Published
2024-01-26
CVE-2023-6159
An issue has been discovered in GitLab CE/EE affecting all versions from 12.7 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 It was possible for an attacker to trigger a Regular Expression Denial of Service via a `Cargo.toml` containing maliciously crafted input.
CVSS Score
6.5
EPSS Score
0.006
Published
2024-01-26
CVE-2024-21326
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVSS Score
9.6
EPSS Score
0.008
Published
2024-01-26
CVE-2024-21382
Microsoft Edge for Android Information Disclosure Vulnerability
CVSS Score
4.3
EPSS Score
0.01
Published
2024-01-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved