Security Vulnerabilities - CVEs Published In April 2023
LuCI openwrt-22.03 branch git-22.361.69894-438c598 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /system/sshkeys.js.
CVSS Score: 5.4 | EPSS Score: 0.001 | Published: 2023-04-11

An issue found in DUALSPACE Super Security v.2.3.7 allows an attacker to cause a denial of service via the SharedPreference files.
CVSS Score: 7.5 | EPSS Score: 0.001 | Published: 2023-04-11

Zoho ManageEngine Applications Manager through 16320 allows the admin user to conduct an XXE attack.
CVSS Score: 6.5 | EPSS Score: 0.007 | Published: 2023-04-11

Stored cross-site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager through 16340 allows an unauthenticated user to inject malicious JavaScript on the incorrect login details page.
CVSS Score: 6.1 | EPSS Score: 0.864 | Published: 2023-04-11

Wacom Driver 6.3.46-1 for Windows and lower was discovered to contain an arbitrary file deletion vulnerability.
CVSS Score: 7.3 | EPSS Score: 0.047 | Published: 2023-04-11

Wacom Driver 6.3.46-1 for Windows was discovered to contain an arbitrary file write vulnerability via the component \Wacom\Wacom_Tablet.exe.
CVSS Score: 5.9 | EPSS Score: 0.013 | Published: 2023-04-11

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. For both the kernel and userspace datapaths, this results in installing a datapath flow that matches all IP protocols (nw_proto is wildcarded) but carries an incorrect action, possibly causing incorrect handling of other IP packets with a nonzero IP protocol (!= 0) that match this datapath flow.
CVSS Score: 8.2 | EPSS Score: 0.001 | Published: 2023-04-10

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x.
CVSS Score: 6.1 | EPSS Score: 0.0 | Published: 2023-04-10

A cross-site scripting (XSS) vulnerability in LiveAction LiveSP v21.1.2 allows attackers to execute arbitrary web scripts or HTML.
CVSS Score: 5.4 | EPSS Score: 0.001 | Published: 2023-04-10

A man in the middle can redirect traffic to a malicious server in a compromised configuration.
CVSS Score: 8.1 | EPSS Score: 0.001 | Published: 2023-04-10

