Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2023
CVE-2023-30084
An issue found in libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the stackVal function in util/decompile.c.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-05-09
CVE-2023-30085
Buffer Overflow vulnerability found in Libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the cws2fws function in util/decompile.c.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-05-09
CVE-2023-30086
Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-05-09
CVE-2023-30087
Buffer Overflow vulnerability found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_mk_string function in mjs.c.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-05-09
CVE-2023-30088
An issue found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_execute function in mjs.c.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-05-09
CVE-2023-31144
Craft CMS is a content management system. Starting in version 3.0.0 and prior to versions 3.8.4 and 4.4.4, a malformed title in the feed widget can deliver a cross-site scripting payload. This issue is fixed in version 3.8.4 and 4.4.4.
CVSS Score
6.1
EPSS Score
0.005
Published
2023-05-09
CVE-2023-31476
An issue was discovered on GL.iNet devices running firmware before 3.216. There is an arbitrary file write in which an empty file can be created almost anywhere on the filesystem, as long as the filename and path is no more than 6 characters (the working directory is /www).
CVSS Score
7.5
EPSS Score
0.001
Published
2023-05-09
CVE-2023-31489
An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function.
CVSS Score
5.5
EPSS Score
0.004
Published
2023-05-09
CVE-2023-31490
An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function.
CVSS Score
7.5
EPSS Score
0.07
Published
2023-05-09
CVE-2023-31799
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the system annnouncements parameter.
CVSS Score
4.8
EPSS Score
0.003
Published
2023-05-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved