Security Vulnerabilities - CVEs Published In July 2023
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2.
CVSS Score: 6.1 | EPSS Score: 0.0 | Published: 2023-07-06
All versions of the package drogonframework/drogon are vulnerable to HTTP Response Splitting when untrusted user input is used to build header values in the addHeader and addCookie functions. An attacker can add the \r\n (carriage return and line feed) characters to end the HTTP response headers and inject malicious content.
CVSS Score: 7.2 | EPSS Score: 0.001 | Published: 2023-07-06
All versions of the package drogonframework/drogon are vulnerable to CRLF Injection when untrusted user input is used to set request headers in the addHeader function. An attacker can add the \r\n (carriage return and line feed) characters and inject additional headers into the request sent.
CVSS Score: 5.4 | EPSS Score: 0.002 | Published: 2023-07-06
Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3.23052_1 allows local attackers to delete an arbitrary directory using a directory junction.
CVSS Score: 5.5 | EPSS Score: 0.0 | Published: 2023-07-06
Improper configuration in Samsung Internet prior to version 21.0.0.41 allows an attacker to bypass SameSite Cookie.
CVSS Score: 6.5 | EPSS Score: 0.001 | Published: 2023-07-06
Improper authentication in Samsung Pass prior to version 4.2.03.1 allows a local attacker to access stored account information when Samsung Wallet is not installed.
CVSS Score: 6.2 | EPSS Score: 0.0 | Published: 2023-07-06
Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass.
CVSS Score: 4.6 | EPSS Score: 0.001 | Published: 2023-07-06
Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass in a certain state of an unlocked device.
CVSS Score: 6.1 | EPSS Score: 0.001 | Published: 2023-07-06
Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write an arbitrary file.
CVSS Score: 5.1 | EPSS Score: 0.001 | Published: 2023-07-06
Exposure of Sensitive Information vulnerability in getDefaultChipId in UwbAospAdapterService prior to SMR Jul-2023 Release 1 allows local attackers to access the UWB chipset identifier.
CVSS Score: 6.2 | EPSS Score: 0.001 | Published: 2023-07-06

