Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2023
CVE-2023-23039
An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers/tty/vcc.c has a race condition and resultant use-after-free if a physically proximate attacker removes a VCC device while calling open(), aka a race condition between vcc_open() and vcc_remove().
CVSS Score
5.7
EPSS Score
0.0
Published
2023-02-22
CVE-2022-41216
Local File Inclusion vulnerability within Cloudflow allows attackers to retrieve confidential information from the system.
CVSS Score
8.3
EPSS Score
0.001
Published
2023-02-22
CVE-2022-41217
Cloudflow contains a unauthenticated file upload vulnerability, which makes it possible for an attacker to upload malicious files to the CLOUDFLOW PROOFSCOPE built-in storage.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-02-22
CVE-2023-23063
Cellinx NVT v1.0.6.002b was discovered to contain a local file disclosure vulnerability via the component /cgi-bin/GetFileContent.cgi.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-02-22
CVE-2023-0949
Cross-site Scripting (XSS) - Reflected in GitHub repository modoboa/modoboa prior to 2.0.5.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-02-22
CVE-2023-26314
The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.
CVSS Score
8.8
EPSS Score
0.005
Published
2023-02-22
CVE-2023-24107
hour_of_code_python_2015 commit 520929797b9ca43bb818b2e8f963fb2025459fa3 was discovered to contain a code execution backdoor via the request package (requirements.txt). This vulnerability allows attackers to access sensitive user information and execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-02-22
CVE-2023-24108
MvcTools 6d48cd6830fc1df1d8c9d61caa1805fd6a1b7737 was discovered to contain a code execution backdoor via the request package (requirements.txt). This vulnerability allows attackers to access sensitive user information and execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-02-22
CVE-2023-0947
Path Traversal in GitHub repository flatpressblog/flatpress prior to 1.3.
CVSS Score
8.1
EPSS Score
0.759
Published
2023-02-22
CVE-2022-2883
In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Service
CVSS Score
7.5
EPSS Score
0.002
Published
2023-02-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved