Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2023
CVE-2023-35844
packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension (.csv or .png) is used.
CVSS Score
7.5
EPSS Score
0.91
Published
2023-06-19
CVE-2023-35839
A bypass in the component sofa-hessian of Solon before v2.3.3 allows attackers to execute arbitrary code via providing crafted payload.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-06-19
CVE-2023-35840
_joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector.
CVSS Score
6.5
EPSS Score
0.052
Published
2023-06-19
CVE-2023-35823
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c.
CVSS Score
7.0
EPSS Score
0.0
Published
2023-06-18
CVE-2023-35824
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.
CVSS Score
7.0
EPSS Score
0.0
Published
2023-06-18
CVE-2023-35826
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c.
CVSS Score
7.0
EPSS Score
0.0
Published
2023-06-18
CVE-2023-35827
An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.
CVSS Score
7.0
EPSS Score
0.0
Published
2023-06-18
CVE-2023-35828
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.
CVSS Score
7.0
EPSS Score
0.0
Published
2023-06-18
CVE-2023-35829
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.
CVSS Score
7.0
EPSS Score
0.0
Published
2023-06-18
CVE-2023-3311
A vulnerability, which was classified as problematic, was found in PuneethReddyHC online-shopping-system-advanced 1.0. This affects an unknown part of the file addsuppliers.php. The manipulation of the argument First name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231807.
CVSS Score
2.4
EPSS Score
0.001
Published
2023-06-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved