Security Vulnerabilities - CVEs Published In June 2023
fdkaac before 1.0.5 was discovered to contain a stack overflow in the read_callback function in src/main.c.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-06-14
fdkaac before 1.0.5 was discovered to contain a heap buffer overflow in the caf_info function in caf_reader.c.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-06-14
Directory traversal vulnerability in ujcms 6.0.2 allows attackers to move files via the rename feature.
CVSS Score
9.8
EPSS Score
0.008
Published
2023-06-14
An issue discovered in Ujcms v6.0.2 allows attackers to gain sensitive information via the dir parameter to /api/backend/core/web-file-html/download-zip.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-06-14
An issue discovered in jjson through 0.1.7 allows attackers to cause a denial of service or other unspecified impacts via a crafted object that uses cyclic dependencies.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-06-14
jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.
CVSS Score
4.7
EPSS Score
0.0
Published
2023-06-14
Cross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 allows attackers to obtain sensitive user information when a user reads an email containing malicious code.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-06-14
An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the keywords parameter.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-06-14
Dell Power Protect Cyber Recovery contains an Authentication Bypass vulnerability. An attacker could potentially exploit this vulnerability, leading to unauthorized admin access to the Cyber Recovery application. Exploitation may lead to complete system takeover by an attacker.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-06-14
An issue discovered in flexjson through 3.3 allows attackers to cause a denial of service or other unspecified impacts via a crafted object that uses cyclic dependencies.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-06-14

