Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2023
CVE-2023-26756
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. NOTE: The vendor's position is that this is effectively mitigated by rate limits and password-quality features.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-04-14
CVE-2023-27193
An issue found in DUALSPACE v.1.1.3 allows a local attacker to gain privileges via the key_ad_new_user_avoid_time field.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-04-14
CVE-2023-27643
An issue found in POWERAMP 925-bundle-play and Poweramp 954-uni allows a remote attacker to cause a denial of service via the Rescan button in Queue and Select Folders button in Library
CVSS Score
7.5
EPSS Score
0.003
Published
2023-04-14
CVE-2023-27648
Directory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277 allows a remote attacker to execute arbitrary code via the dex file in the internal storage.
CVSS Score
9.8
EPSS Score
0.027
Published
2023-04-14
CVE-2023-27649
SQL injection vulnerability found in Trusted Tools Free Music v.2.1.0.47, v.2.0.0.46, v.1.9.1.45, v.1.8.2.43 allows a remote attacker to cause a denial of service via the search history table
CVSS Score
7.5
EPSS Score
0.002
Published
2023-04-14
CVE-2023-27651
An issue found in Ego Studio SuperClean v.1.1.9 and v.1.1.5 allows an attacker to gain privileges via the update_info field of the _default_.xml file.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-04-14
CVE-2023-27653
An issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an attacker to cause a denial of service via the SharedPreference files.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-04-14
CVE-2023-27666
Auto Dealer Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the name parameter at /classes/SystemSettings.php?f=update_settings.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-04-14
CVE-2023-29569
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via ffi_cb_impl_wpwwwww at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS).
CVSS Score
5.5
EPSS Score
0.0
Published
2023-04-14
CVE-2023-29584
mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the MP4GetVideoProfileLevel function at /src/mp4.cpp.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-04-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved