Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2024
CVE-2024-37734
An issue in OpenEMR 7.0.2 allows a remote attacker to escalate privileges viaa crafted POST request using the noteid parameter.
CVSS Score
9.8
EPSS Score
0.037
Published
2024-06-26
CVE-2024-36829
Incorrect access control in Teldat M1 v11.00.05.50.01 allows attackers to obtain sensitive information via a crafted query string.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-06-26
CVE-2024-1839
Intrado 911 Emergency Gateway login form is vulnerable to an unauthenticated blind time-based SQL injection, which may allow an unauthenticated remote attacker to execute malicious code, exfiltrate data, or manipulate the database.
CVSS Score
10.0
EPSS Score
0.008
Published
2024-06-26
CVE-2024-38949
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc
CVSS Score
6.5
EPSS Score
0.001
Published
2024-06-26
CVE-2024-38950
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-06-26
CVE-2024-39241
Cross Site Scripting (XSS) vulnerability in skycaiji 2.8 allows attackers to run arbitrary code via /admin/tool/preview.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-06-26
CVE-2024-39242
A cross-site scripting (XSS) vulnerability in skycaiji v2.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload using eval(String.fromCharCode()).
CVSS Score
6.1
EPSS Score
0.002
Published
2024-06-26
CVE-2024-39243
An issue discovered in skycaiji 2.8 allows attackers to run arbitrary code via crafted POST request to /index.php?s=/admin/develop/editor_save.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-06-26
CVE-2024-35545
MAP-OS v4.45.0 and earlier was discovered to contain a cross-site scripting (XSS) vulnerability.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-06-26
CVE-2024-39458
When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log.
CVSS Score
3.1
EPSS Score
0.002
Published
2024-06-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved