Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2024
CVE-2023-48792
Zoho ManageEngine ADAudit Plus through 7250 is vulnerable to SQL Injection in the report export option.
CVSS Score
9.8
EPSS Score
0.086
Published
2024-02-02
CVE-2023-48793
Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature.
CVSS Score
9.8
EPSS Score
0.086
Published
2024-02-02
CVE-2023-50328
IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via URL query strings. IBM X-Force ID: 275110.
CVSS Score
3.7
EPSS Score
0.0
Published
2024-02-02
CVE-2023-50934
IBM PowerSC 1.3, 2.0, and 2.1 uses single-factor authentication which can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme. IBM X-Force ID: 275114.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-02-02
CVE-2023-50933
IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 275113.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-02-02
CVE-2023-50936
IBM PowerSC 1.3, 2.0, and 2.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 275116.
CVSS Score
6.3
EPSS Score
0.0
Published
2024-02-02
CVE-2023-50937
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275117.
CVSS Score
5.9
EPSS Score
0.0
Published
2024-02-02
CVE-2023-50940
IBM PowerSC 1.3, 2.0, and 2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID: 275130.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-02-02
CVE-2024-21399
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS Score
8.3
EPSS Score
0.003
Published
2024-02-02
CVE-2023-50326
IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 275107.
CVSS Score
7.5
EPSS Score
0.0
Published
2024-02-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved