Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2023
CVE-2023-1201
Improper access control in the secure messages feature in Devolutions Server 2022.3.12 and below allows an authenticated attacker that possesses the message UUID to access the data it contains.
CVSS Score
6.5
EPSS Score
0.003
Published
2023-03-10
CVE-2023-1203
Improper removal of sensitive data in the entry edit feature of Hub Business submodule in Devolutions Remote Desktop Manager PowerShell Module 2022.3.1.5 and earlier allows an authenticated user to access sensitive data on entries that were edited using the affected submodule.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-03-10
CVE-2023-1246
Files or Directories Accessible to External Parties vulnerability in Saysis Starcities allows Collect Data from Common Resource Locations.This issue affects Starcities: through 1.3.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-03-10
CVE-2023-24975
IBM Spectrum Symphony 7.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 247030.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-03-10
CVE-2023-25143
An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an attacker to achieve a remote code execution state on affected products.
CVSS Score
9.8
EPSS Score
0.035
Published
2023-03-10
CVE-2023-25144
An improper access control vulnerability in the Trend Micro Apex One agent could allow a local attacker to gain elevated privileges and create arbitrary directories with arbitrary ownership.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-03-10
CVE-2022-43902
IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS is vulnerable to a denial of service attack caused by specially crafted PCF or MQSC messages. IBM X-Force ID: 240832.
CVSS Score
6.5
EPSS Score
0.004
Published
2023-03-10
CVE-2022-47453
In wcn service, there is a possible missing params check. This could lead to local denial of service in wcn service.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-03-10
CVE-2022-47454
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-03-10
CVE-2022-47455
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-03-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved