Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2023
CVE-2023-34088
Collabora Online is a collaborative online office suite. A stored cross-site scripting (XSS) vulnerability was found in Collabora Online prior to versions 22.05.13, 21.11.9.1, and 6.4.27. An attacker could create a document with an XSS payload as a document name. Later, if an administrator opened the admin console and navigated to the history page, the document name was injected as unescaped HTML and executed as a script inside the context of the admin console. The administrator JSON web token (JWT) used for the websocket connection could be leaked through this flaw. Users should upgrade to Collabora Online 22.05.13 or higher; Collabora Online 21.11.9.1 or higher; Collabora Online 6.4.27 or higher to receive a patch.
CVSS Score
8.7
EPSS Score
0.001
Published
2023-05-31
CVE-2023-26277
IBM QRadar WinCollect Agent 10.0 though 10.1.3 could allow a local user to execute commands on the system due to execution with unnecessary privileges. IBM X-Force ID: 248156.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-05-31
CVE-2023-33718
mp4v2 v2.1.3 was discovered to contain a memory leak via MP4File::ReadString() at mp4file_io.cpp
CVSS Score
8.8
EPSS Score
0.001
Published
2023-05-31
CVE-2022-35755
Windows Print Spooler Elevation of Privilege Vulnerability
CVSS Score
7.3
EPSS Score
0.203
Published
2023-05-31
CVE-2022-35756
Windows Kerberos Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.159
Published
2023-05-31
CVE-2022-35757
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVSS Score
7.3
EPSS Score
0.006
Published
2023-05-31
CVE-2022-35758
Windows Kernel Memory Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.003
Published
2023-05-31
CVE-2022-35759
Windows Local Security Authority (LSA) Denial of Service Vulnerability
CVSS Score
6.5
EPSS Score
0.039
Published
2023-05-31
CVE-2022-35743
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.003
Published
2023-05-31
CVE-2022-35744
Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability
CVSS Score
9.8
EPSS Score
0.136
Published
2023-05-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved