Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2024
CVE-2024-21383
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVSS Score
3.3
EPSS Score
0.002
Published
2024-01-26
CVE-2024-21385
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVSS Score
8.3
EPSS Score
0.004
Published
2024-01-26
CVE-2024-21387
Microsoft Edge for Android Spoofing Vulnerability
CVSS Score
5.3
EPSS Score
0.042
Published
2024-01-26
CVE-2024-0456
An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project
CVSS Score
4.3
EPSS Score
0.001
Published
2024-01-26
CVE-2023-5933
An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. Improper input sanitization of user name allows arbitrary API PUT requests.
CVSS Score
6.4
EPSS Score
0.038
Published
2024-01-26
CVE-2024-0402
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace.
CVSS Score
9.9
EPSS Score
0.371
Published
2024-01-26
CVE-2024-23630
An arbitrary firmware upload vulnerability exists in the Motorola MR2600. An attacker can exploit this vulnerability to achieve code execution on the device. Authentication is required, however can be bypassed.
CVSS Score
9.0
EPSS Score
0.001
Published
2024-01-26
CVE-2024-23627
A command injection vulnerability exists in the 'SaveStaticRouteIPv4Params' parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed.
CVSS Score
9.0
EPSS Score
0.012
Published
2024-01-26
CVE-2024-23628
A command injection vulnerability exists in the 'SaveStaticRouteIPv6Params' parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed.
CVSS Score
9.0
EPSS Score
0.001
Published
2024-01-26
CVE-2024-23629
An authentication bypass vulnerability exists in the web component of the Motorola MR2600. An attacker can exploit this vulnerability to access protected URLs and retrieve sensitive information.
CVSS Score
9.6
EPSS Score
0.001
Published
2024-01-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved