Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2024
CVE-2024-3786
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through Device Synchronizations (/admin/DeviceReplication). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
CVSS Score
6.6
EPSS Score
0.005
Published
2024-04-15
CVE-2024-31421
Missing Authorization vulnerability in supsystic Popup by Supsystic popup-by-supsystic.This issue affects Popup by Supsystic: from n/a through <= 1.10.27.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-04-15
CVE-2024-31384
Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Spa and Salon.This issue affects Spa and Salon: from n/a through 1.2.7.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-04-15
CVE-2024-31374
Cross-Site Request Forgery (CSRF) vulnerability in Scott Bolinger AppPresser apppresser allows Cross Site Request Forgery.This issue affects AppPresser: from n/a through <= 4.3.0.
CVSS Score
4.3
EPSS Score
0.003
Published
2024-04-15
CVE-2024-31378
Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailChimp Forms by MailMunch.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.1.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-04-15
CVE-2024-31382
Cross-Site Request Forgery (CSRF) vulnerability in creativethemeshq Blocksy blocksy.This issue affects Blocksy: from n/a through <= 2.0.22.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-04-15
CVE-2024-23911
Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 NDP packets exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker to stop the device operations by sending a specially crafted packet.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-04-15
CVE-2024-26023
OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS commands.
CVSS Score
4.2
EPSS Score
0.002
Published
2024-04-15
CVE-2024-28099
VT STUDIO Ver.8.32 and earlier contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-04-15
CVE-2024-28894
Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 headers exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker to stop the device operations by sending a specially crafted packet.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-04-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved