Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2023
CVE-2023-29349
Microsoft ODBC and OLE DB Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.006
Published
2023-06-16
CVE-2023-29356
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.006
Published
2023-06-16
CVE-2023-32025
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.011
Published
2023-06-16
CVE-2023-2080
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud allows Blind SQL Injection.
CVSS Score
8.5
EPSS Score
0.002
Published
2023-06-15
CVE-2023-23841
SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request.  Part of the URL of the request discloses sensitive data. 
CVSS Score
7.5
EPSS Score
0.001
Published
2023-06-15
CVE-2023-28810
Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.
CVSS Score
4.3
EPSS Score
0.004
Published
2023-06-15
CVE-2023-24030
An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0 and 8.8.15. To exploit the vulnerability, an attacker would need to have obtained a valid zimbra auth token or a valid preauth token. Once the token is obtained, an attacker could redirect a user to any URL if url sanitisation is bypassed in incoming requests. NOTE: this is similar, but not identical, to CVE-2021-34807.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-06-15
CVE-2023-24031
An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 8.8.15. XSS can occur, via one of attributes of the webmail /h/ endpoint, to execute arbitrary JavaScript code, leading to information disclosure.
CVSS Score
6.1
EPSS Score
0.004
Published
2023-06-15
CVE-2023-24032
In Zimbra Collaboration Suite through 9.0 and 8.8.15, an attacker (who has initial user access to a Zimbra server instance) can execute commands as root by passing one of JVM arguments, leading to local privilege escalation (LPE).
CVSS Score
7.8
EPSS Score
0.001
Published
2023-06-15
CVE-2023-34797
Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows attackers to access sensitive information.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-06-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved