Security Vulnerabilities
- CVEs Published In May 2024
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacker has no visibility and limited influence over.
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.
In JetBrains TeamCity before 2024.03.2 technical information regarding TeamCity server could be exposed
In JetBrains TeamCity before 2024.03.2 users could perform actions that should not be available to them based on their permissions
In JetBrains TeamCity before 2024.03.2 certain TeamCity API endpoints did not check user permissions
In JetBrains TeamCity before 2024.03.2 server was susceptible to DoS attacks with incorrect auth tokens
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 authentication bypass was possible in specific edge cases
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was possible
In JetBrains TeamCity before 2023.05.6, 2023.11.5 stored XSS in Commit status publisher was possible
In JetBrains TeamCity before 2023.05.6 reflected XSS on the subscriptions page was possible