Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2023
CVE-2023-31555
podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfObject::DelayedLoad.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-05-10
CVE-2023-31556
podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-05-10
CVE-2023-31566
Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted().
CVSS Score
8.8
EPSS Score
0.001
Published
2023-05-10
CVE-2023-31567
Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-05-10
CVE-2023-31568
Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-05-10
CVE-2023-2630
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS Score
5.7
EPSS Score
0.0
Published
2023-05-10
CVE-2023-30351
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service (or UART) by using the exposed credentials.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-05-10
CVE-2023-30352
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-05-10
CVE-2023-30353
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document.
CVSS Score
9.8
EPSS Score
0.016
Published
2023-05-10
CVE-2022-46377
An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs when no IP address argument is provided to the `PORT` command.
CVSS Score
6.5
EPSS Score
0.005
Published
2023-05-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved