Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2023
CVE-2023-30223
A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-06-16
CVE-2023-30625
rudder-server is part of RudderStack, an open source Customer Data Platform (CDP). Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution (RCE) due to the `rudder` role in PostgresSQL having superuser permissions by default. Version 1.3.0-rc.1 contains patches for this issue.
CVSS Score
8.8
EPSS Score
0.899
Published
2023-06-16
CVE-2023-25366
In Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS, insecure SCPI interface discloses web password.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-06-16
CVE-2023-30453
The Teamlead Reminder plugin through 2.6.5 for Jira allows persistent XSS via the message parameter.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-06-16
CVE-2023-34795
xlsxio v0.1.2 to v0.2.34 was discovered to contain a free of uninitialized pointer in the xlsxioread_sheetlist_close() function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted XLSX file.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-06-16
CVE-2023-35783
The ke_search (aka Faceted Search) extension before 4.0.3, 4.1.x through 4.6.x before 4.6.6, and 5.x before 5.0.2 for TYPO3 allows XSS via indexed data.
CVSS Score
6.3
EPSS Score
0.003
Published
2023-06-16
CVE-2023-34548
Simple Customer Relationship Management 1.0 is vulnerable to SQL Injection via the email parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-06-16
CVE-2023-35782
The ipandlanguageredirect extension before 5.1.2 for TYPO3 allows SQL Injection.
CVSS Score
8.2
EPSS Score
0.003
Published
2023-06-16
CVE-2022-48330
A Huawei sound box product has an out-of-bounds write vulnerability. Attackers can exploit this vulnerability to cause buffer overflow. Affected product versions include:FLMG-10 versions FLMG-10 10.0.1.0(H100SP22C00).
CVSS Score
8.0
EPSS Score
0.0
Published
2023-06-16
CVE-2022-48469
There is a traffic hijacking vulnerability in Huawei routers. Successful exploitation of this vulnerability can cause packets to be hijacked by attackers. 
CVSS Score
6.5
EPSS Score
0.0
Published
2023-06-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved