Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2024
CVE-2024-35388
TOTOLINK NR1800X v9.1.0u.6681_B20230703 was discovered to contain a stack overflow via the password parameter in the function urldecode
CVSS Score
8.8
EPSS Score
0.031
Published
2024-05-24
CVE-2024-35387
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.
CVSS Score
9.8
EPSS Score
0.1
Published
2024-05-24
CVE-2023-52880
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged user can attach N_GSM0710 ldisc, but it requires CAP_NET_ADMIN to create a GSM network anyway. Require initial namespace CAP_NET_ADMIN to do that.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-05-24
CVE-2024-35395
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-05-24
CVE-2024-35396
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password for telnet in /web_cste/cgi-bin/product.ini, which allows attackers to log in as root.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-05-24
CVE-2024-33809
PingCAP TiDB v7.5.1 was discovered to contain a buffer overflow vulnerability, which could lead to database crashes and denial of service attacks.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-05-24
CVE-2024-35339
Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac.
CVSS Score
9.8
EPSS Score
0.044
Published
2024-05-24
CVE-2024-35340
Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the cmdinput parameter at ip/goform/formexeCommand.
CVSS Score
8.6
EPSS Score
0.024
Published
2024-05-24
CVE-2024-35618
PingCAP TiDB v7.5.1 was discovered to contain a NULL pointer dereference via the component SortedRowContainer.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-05-24
CVE-2024-31510
An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker to escalate privileges via the crypto_sign_signature parameter in the /pqcrystals-dilithium-standard_ml-dsa-44-ipd_avx2/sign.c component.
CVSS Score
9.8
EPSS Score
0.013
Published
2024-05-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved