Security Vulnerabilities - CVEs Published In February 2024
Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from 1.21 before 1.26. Users are recommended to upgrade to version 1.26, which fixes the issue.
CVSS Score: 5.5 | EPSS Score: 0.004 | Published: 2024-02-19
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0, which fixes the issue.
CVSS Score: 8.1 | EPSS Score: 0.0 | Published: 2024-02-19
An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain elevated privileges via the 12d Synergy Server and/or 12d Synergy File Replication Server executable service path. This is fixed in 4.3.10.192, 5.1.5.221, and 5.1.6.235.
CVSS Score: 9.1 | EPSS Score: 0.002 | Published: 2024-02-19
An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled.
CVSS Score: 6.0 | EPSS Score: 0.0 | Published: 2024-02-19
An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations.
CVSS Score: 5.3 | EPSS Score: 0.001 | Published: 2024-02-19
Serenity before 6.8.0 allows XSS via an email link because LoginPage.tsx permits return URLs that do not begin with a / character.
CVSS Score: 6.1 | EPSS Score: 0.001 | Published: 2024-02-19
plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash).
CVSS Score: 5.5 | EPSS Score: 0.0 | Published: 2024-02-19
close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.
CVSS Score: 7.8 | EPSS Score: 0.004 | Published: 2024-02-19
Signed to unsigned conversion esp32_ipm_send
CVSS Score: 8.0 | EPSS Score: 0.002 | Published: 2024-02-18
can: out of bounds in remove_rx_filter function
CVSS Score: 4.4 | EPSS Score: 0.001 | Published: 2024-02-18


Shodan ® - All rights reserved