Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2023
CVE-2023-35319
Remote Procedure Call Runtime Denial of Service Vulnerability
CVSS Score
6.5
EPSS Score
0.037
Published
2023-07-11
CVE-2023-35320
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.001
Published
2023-07-11
CVE-2023-35321
Windows Deployment Services Denial of Service Vulnerability
CVSS Score
6.5
EPSS Score
0.036
Published
2023-07-11
CVE-2023-35322
Windows Deployment Services Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.026
Published
2023-07-11
CVE-2023-35323
Windows OLE Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.01
Published
2023-07-11
CVE-2023-35324
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.002
Published
2023-07-11
CVE-2023-35325
Windows Print Spooler Information Disclosure Vulnerability
CVSS Score
7.5
EPSS Score
0.009
Published
2023-07-11
CVE-2023-34089
Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The processes filter feature is susceptible to Cross-site scripting. This allows a remote attacker to execute JavaScript code in the context of a currently logged-in user. An attacker could use this vulnerability to make other users endorse or support proposals they have no intention of supporting or endorsing. The problem was patched in version 0.27.3 and 0.26.7.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-07-11
CVE-2023-34090
Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. Decidim uses a third-party library named Ransack for filtering certain database collections (e.g., public meetings). By default, this library allows filtering on all data attributes and associations. This allows an unauthenticated remote attacker to exfiltrate non-public data from the underlying database of a Decidim instance (e.g., exfiltrating data from the user table). This issue may lead to Sensitive Data Disclosure. The problem was patched in version 0.27.3.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-07-11
CVE-2023-34118
Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access.
CVSS Score
7.3
EPSS Score
0.0
Published
2023-07-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved