Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2023
CVE-2023-27804
H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DelvsList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.
CVSS Score
4.9
EPSS Score
0.001
Published
2023-04-07
CVE-2023-27805
H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.
CVSS Score
4.9
EPSS Score
0.001
Published
2023-04-07
CVE-2023-27806
H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_dellist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.
CVSS Score
4.9
EPSS Score
0.001
Published
2023-04-07
CVE-2023-27807
H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.
CVSS Score
4.9
EPSS Score
0.001
Published
2023-04-07
CVE-2023-27808
H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.
CVSS Score
4.9
EPSS Score
0.001
Published
2023-04-07
CVE-2023-27810
H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.
CVSS Score
4.9
EPSS Score
0.001
Published
2023-04-07
CVE-2023-27876
IBM TRIRIGA 4.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249975.
CVSS Score
7.1
EPSS Score
0.0
Published
2023-04-07
CVE-2022-34333
IBM Sterling Order Management 10.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 229698.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-04-07
CVE-2023-1726
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Proliz OBS allows Stored XSS for an authenticated user.This issue affects OBS: before 23.04.01.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-04-07
CVE-2023-25464
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in StreamWeasels Twitch Player plugin <= 2.1.0 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-04-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved