Security Vulnerabilities - CVEs Published In April 2024
Improper verification of intent by broadcast receiver vulnerability in SmartThings prior to version 1.8.13.22 allows local attackers to access testing configuration.
CVSS Score: 5.9, EPSS Score: 0.001, Published: 2024-04-02
Out-of-bounds write vulnerability while decoding hcr of libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.
CVSS Score: 5.9, EPSS Score: 0.001, Published: 2024-04-02
Improper Access Control vulnerability in StorageManagerService prior to SMR Apr-2024 Release 1 allows local attackers to read sdcard information.
CVSS Score: 4.0, EPSS Score: 0.001, Published: 2024-04-02
Improper Input Validation vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to write out-of-bounds memory.
CVSS Score: 4.0, EPSS Score: 0.001, Published: 2024-04-02
Out-of-bound Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary code.
CVSS Score: 7.3, EPSS Score: 0.001, Published: 2024-04-02
Improper Input Validation vulnerability in handling apdu of libsec-ril prior to SMR Apr-2024 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS Score: 4.2, EPSS Score: 0.0, Published: 2024-04-02
Out-of-bound write vulnerability in command parsing implementation of libIfaaCa prior to SMR Apr-2024 Release 1 allows local privileged attackers to execute arbitrary code.
CVSS Score: 5.6, EPSS Score: 0.001, Published: 2024-04-02
Out-of-bounds write vulnerability while parsing remaining codewords in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.
CVSS Score: 8.4, EPSS Score: 0.001, Published: 2024-04-02
Out-of-bounds write vulnerability while releasing memory in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.
CVSS Score: 8.4, EPSS Score: 0.001, Published: 2024-04-02
A vulnerability, which was classified as critical, has been found in DedeCMS 5.7.112. This issue affects some unknown processing of the file dede/makehtml_archives_action.php. The manipulation leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258923. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score: 6.3, EPSS Score: 0.002, Published: 2024-04-02

