Security Vulnerabilities - CVEs Published In May 2023
IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. IBM X-Force ID: 251358.
CVSS Score: 5.1; EPSS Score: 0.0; Published: 2023-05-19
IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 243163.
CVSS Score: 6.3; EPSS Score: 0.001; Published: 2023-05-19
IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 244373.
CVSS Score: 6.2; EPSS Score: 0.0; Published: 2023-05-19
Cloud Foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users' syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user to override the private key and add or modify a certificate authority used for the connection.
CVSS Score: 8.1; EPSS Score: 0.001; Published: 2023-05-19
IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. IBM X-Force ID: 250398.
CVSS Score: 6.2; EPSS Score: 0.0; Published: 2023-05-19
A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.
CVSS Score: 5.5; EPSS Score: 0.0; Published: 2023-05-19
A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c.
CVSS Score: 5.5; EPSS Score: 0.001; Published: 2023-05-19
Prestashop customexporter <= 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php.
CVSS Score: 7.5; EPSS Score: 0.001; Published: 2023-05-19
SEMCMS 1.5 is vulnerable to SQL Injection via Ant_Rponse.php.
CVSS Score: 9.8; EPSS Score: 0.001; Published: 2023-05-19
DedeCMS up to v5.7.108 is vulnerable to XSS in sys_info.php via the parameters 'edit___cfg_powerby' and 'edit___cfg_beian'.
CVSS Score: 5.4; EPSS Score: 0.001; Published: 2023-05-19