Security Vulnerabilities - CVEs Published In April 2024
CMSeasy 7.7.7.9 is vulnerable to code execution.
CVSS Score: 6.4; EPSS Score: 0.0; Published: 2024-04-17
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText.
CVSS Score: 2.9; EPSS Score: 0.001; Published: 2024-04-17
The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa signature scheme, which has a SHA-1 hash. The vulnerability could allow a remote, unauthenticated attacker to perform a man-in-the-middle attack.
CVSS Score: 7.5; EPSS Score: 0.001; Published: 2024-04-17
A stored cross-site scripting (XSS) vulnerability in FUDforum v3.1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SQL statements field under /adm/admsql.php.
CVSS Score: 3.5; EPSS Score: 0.001; Published: 2024-04-17
Cross-site scripting (XSS) vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameters.
CVSS Score: 5.4; EPSS Score: 0.002; Published: 2024-04-17
SQL injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary SQL commands via the "searchdata" parameter.
CVSS Score: 9.8; EPSS Score: 0.001; Published: 2024-04-17
An issue in `coap_pdu.c` in libcoap 4.3.4 allows attackers to cause undefined behavior via a sequence of messages leading to unsigned integer overflow.
CVSS Score: 7.5; EPSS Score: 0.001; Published: 2024-04-17
Buffer Overflow vulnerability in the get_var_integer function in mqtt_parser.c in NanoMQ 0.21.7 allows remote attackers to cause a denial of service via a series of specially crafted hexstreams.
CVSS Score: 2.7; EPSS Score: 0.003; Published: 2024-04-17
Null pointer dereference vulnerability in the topic_filtern function in mqtt_parser.c in NanoMQ 0.21.7 allows attackers to cause a denial of service.
CVSS Score: 7.5; EPSS Score: 0.001; Published: 2024-04-17
PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Score: 4.0; EPSS Score: 0.0; Published: 2024-04-17

