Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2023
CVE-2023-23982
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPGear.Pro WPFrom Email plugin <= 1.8.8 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-04-06
CVE-2023-29415
An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A denial of service (process hang) can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-04-06
CVE-2023-29416
An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3_decode_block out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-04-06
CVE-2023-29417
An issue was discovered in libbzip3.a in bzip3 1.2.2. There is a bz3_decompress out-of-bounds read in certain situations where buffers passed to bzip3 do not contain enough space to be filled with decompressed data. NOTE: the vendor's perspective is that the observed behavior can only occur for a contract violation, and thus the report is invalid.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-04-06
CVE-2023-29418
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an xwrite out-of-bounds read.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-04-06
CVE-2023-29419
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a bz3_decode_block out-of-bounds read.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-04-06
CVE-2023-29420
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3_decode_block.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-04-06
CVE-2023-29421
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3_decode_block.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-04-06
CVE-2022-31888
Session Fixation vulnerability in in function login in class.auth.php in osTicket through 1.16.2.
CVSS Score
8.8
EPSS Score
0.007
Published
2023-04-05
CVE-2022-31889
Cross Site Scripting (XSS) vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae.
CVSS Score
6.1
EPSS Score
0.003
Published
2023-04-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved