Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2024
CVE-2024-1956
The wpb-show-core WordPress plugin before 2.7 does not sanitise and escape the parameters before outputting it back in the response of an unauthenticated request, leading to a Reflected Cross-Site Scripting
CVSS Score
6.1
EPSS Score
0.006
Published
2024-04-08
CVE-2024-1958
The WPB Show Core WordPress plugin before 2.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users
CVSS Score
4.8
EPSS Score
0.01
Published
2024-04-08
CVE-2024-23658
In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed
CVSS Score
4.4
EPSS Score
0.0
Published
2024-04-08
CVE-2023-52341
In Plaintext COUNTER CHECK message accepted before AS security activation, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed
CVSS Score
7.5
EPSS Score
0.003
Published
2024-04-08
CVE-2023-52342
In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed
CVSS Score
7.5
EPSS Score
0.004
Published
2024-04-08
CVE-2023-52343
In SecurityCommand message after as security has been actived., there is a possible improper input validation. This could lead to remote information disclosure no additional execution privileges needed
CVSS Score
5.5
EPSS Score
0.002
Published
2024-04-08
CVE-2023-52344
In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed
CVSS Score
5.3
EPSS Score
0.01
Published
2024-04-08
CVE-2023-52345
In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed
CVSS Score
6.0
EPSS Score
0.0
Published
2024-04-08
CVE-2023-52346
In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed
CVSS Score
4.4
EPSS Score
0.0
Published
2024-04-08
CVE-2023-52347
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
CVSS Score
5.5
EPSS Score
0.0
Published
2024-04-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved