Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2024
CVE-2024-2538
The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_save_permalink' function in all versions up to, and including, 2.4.3.1. This makes it possible for authenticated attackers, with author access and above, to modify the permalinks of arbitrary posts.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-03-20
CVE-2024-28577
Null Pointer Dereference vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the jpeg_read_exif_profile_raw() function when reading images in JPEG format.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-03-20
CVE-2024-28578
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the Load() function when reading images in RAS format.
CVSS Score
8.4
EPSS Score
0.001
Published
2024-03-20
CVE-2024-28579
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_Unload() function when reading images in HDR format.
CVSS Score
6.2
EPSS Score
0.0
Published
2024-03-20
CVE-2024-28580
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the ReadData() function when reading images in RAS format.
CVSS Score
8.4
EPSS Score
0.001
Published
2024-03-20
CVE-2024-28581
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the _assignPixel<>() function when reading images in TARGA format.
CVSS Score
8.4
EPSS Score
0.001
Published
2024-03-20
CVE-2024-28582
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the rgbe_RGBEToFloat() function when reading images in HDR format.
CVSS Score
8.4
EPSS Score
0.001
Published
2024-03-20
CVE-2024-28571
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the fill_input_buffer() function when reading images in JPEG format.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-03-20
CVE-2024-28572
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_SetTagValue() function when reading images in JPEG format.
CVSS Score
6.2
EPSS Score
0.0
Published
2024-03-20
CVE-2024-28573
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the jpeg_read_exif_profile() function when reading images in JPEG format.
CVSS Score
6.2
EPSS Score
0.0
Published
2024-03-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved