Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2023
CVE-2023-2551
PHP Remote File Inclusion in GitHub repository unilogies/bumsys prior to 2.1.1.
CVSS Score
7.2
EPSS Score
0.007
Published
2023-05-05
CVE-2023-2552
Cross-Site Request Forgery (CSRF) in GitHub repository unilogies/bumsys prior to 2.1.1.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-05-05
CVE-2023-2553
Cross-site Scripting (XSS) - Stored in GitHub repository unilogies/bumsys prior to 2.2.0.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-05-05
CVE-2023-2554
External Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0.
CVSS Score
7.2
EPSS Score
0.013
Published
2023-05-05
CVE-2020-4914
IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 191290.
CVSS Score
4.2
EPSS Score
0.0
Published
2023-05-05
CVE-2022-43866
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 239436.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-05-05
CVE-2023-2427
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.13.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-05-05
CVE-2023-2516
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7.
CVSS Score
5.4
EPSS Score
0.007
Published
2023-05-05
CVE-2023-32269
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-05-05
CVE-2023-26285
IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data. IBM X-Force ID: 248418.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-05-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved