Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2024
CVE-2024-39012
ais-ltd strategyen v0.4.0 was discovered to contain a prototype pollution via the function mergeObjects. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-07-30
CVE-2023-33976
TensorFlow is an end-to-end open source platform for machine learning. `array_ops.upper_bound` causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-07-30
CVE-2024-36572
Prototype pollution in allpro form-manager 0.7.4 allows attackers to run arbitrary code and cause other impacts via the functions setDefaults, mergeBranch, and Object.setObjectValue.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-07-30
CVE-2024-38984
Prototype Pollution in lukebond json-override 0.2.0 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via the __proto__ property.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-07-30
CVE-2024-38986
Prototype Pollution in 75lb deep-merge 1.1.1 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via merge methods of lodash to merge objects.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-07-30
CVE-2024-41439
A heap buffer overflow in the function cp_block() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-07-30
CVE-2024-41443
A stack overflow in the function cp_dynamic() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-07-30
CVE-2024-5249
In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-07-30
CVE-2024-5250
In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations
CVSS Score
3.5
EPSS Score
0.001
Published
2024-07-30
CVE-2024-3930
In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE) was discovered.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-07-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved