Security Vulnerabilities - CVEs Published In March 2024
drivers/wlan/wlan_mgmt.c in RT-Thread through 5.0.2 has an integer signedness error and resultant buffer overflow.
CVSS Score: 8.4 | EPSS Score: 0.0 | Published: 2024-03-27
RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L * seed + 2531011L; return (seed >> 16) & 0x7FFF;" in calc_random in drivers/misc/rt_random.c.
CVSS Score: 7.5 | EPSS Score: 0.002 | Published: 2024-03-27
A heap buffer overflow occurs in finsh/msh_file.c and finsh/msh.c in RT-Thread through 5.0.2.
CVSS Score: 8.4 | EPSS Score: 0.0 | Published: 2024-03-27
A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2.
CVSS Score: 8.4 | EPSS Score: 0.0 | Published: 2024-03-27
An out-of-bounds access occurs in utilities/var_export/var_export.c in RT-Thread through 5.0.2.
CVSS Score: 5.9 | EPSS Score: 0.0 | Published: 2024-03-27
A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2.
CVSS Score: 9.8 | EPSS Score: 0.003 | Published: 2024-03-27
A buffer overflow occurs in utilities/ymodem/ry_sy.c in RT-Thread through 5.0.2 because of an incorrect sprintf call or a missing '\0' character.
CVSS Score: 4.3 | EPSS Score: 0.001 | Published: 2024-03-27
A buffer overflow occurs in utilities/rt-link/src/rtlink.c in RT-Thread through 5.0.2.
CVSS Score: 8.8 | EPSS Score: 0.003 | Published: 2024-03-27
A vulnerability classified as problematic was found in Campcodes Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /adminpanel/admin/facebox_modal/updateCourse.php. The manipulation of the argument id leads to cross-site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258031.
CVSS Score: 3.5 | EPSS Score: 0.002 | Published: 2024-03-27
A vulnerability classified as critical was found in SourceCodester Todo List in Kanban Board 1.0. Affected by this vulnerability is an unknown functionality of the file /endpoint/delete-todo.php. The manipulation of the argument list leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258013 was assigned to this vulnerability.
CVSS Score: 6.3 | EPSS Score: 0.001 | Published: 2024-03-27