Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2023
CVE-2023-21507
Out-of-bounds Read vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-05-04
CVE-2023-21508
Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-05-04
CVE-2023-21509
Out-of-bounds Write vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-05-04
CVE-2023-21510
Out-of-bounds Read vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-05-04
CVE-2023-21511
Out-of-bounds Read vulnerability while processing CMD_COLDWALLET_BTC_SET_PRV_UTXO in bc_core trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-05-04
CVE-2023-25289
Directory Traversal vulnerability in virtualreception Digital Receptie version win7sp1_rtm.101119-1850 6.1.7601.1.0.65792 in embedded web server, allows attacker to gain sensitive information via a crafted GET request.
CVSS Score
7.5
EPSS Score
0.031
Published
2023-05-04
CVE-2023-30216
Insecure permissions in the updateUserInfo function of newbee-mall before commit 1f2c2dfy allows attackers to obtain user account information.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-05-04
CVE-2023-30328
An issue in the helper tool of Mailbutler GmbH Shimo VPN Client for macOS v5.0.4 allows attackers to bypass authentication via PID re-use.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-05-04
CVE-2023-30399
Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-05-04
CVE-2023-31413
Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled.
CVSS Score
3.3
EPSS Score
0.001
Published
2023-05-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved