Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2023
CVE-2023-37141
ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function Js::ProfilingHelpers::ProfiledNewScArray().
CVSS Score
5.5
EPSS Score
0.002
Published
2023-07-18
CVE-2023-37142
ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function Js::EntryPointInfo::HasInlinees().
CVSS Score
5.5
EPSS Score
0.002
Published
2023-07-18
CVE-2023-37143
ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function BackwardPass::IsEmptyLoopAfterMemOp().
CVSS Score
5.5
EPSS Score
0.003
Published
2023-07-18
CVE-2023-37758
D-LINK DIR-815 v1.01 was discovered to contain a buffer overflow via the component /web/captcha.cgi.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-07-18
CVE-2023-37788
goproxy v1.1 was discovered to contain an issue which can lead to a Denial of service (DoS) via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-07-18
CVE-2023-28020
 URL redirection in Login page in HCL BigFix WebUI allows malicious user to redirect the client browser to an external site via redirect URL response header.
CVSS Score
4.7
EPSS Score
0.002
Published
2023-07-18
CVE-2023-28021
The BigFix WebUI uses weak cipher suites.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-07-18
CVE-2023-30153
An SQL injection vulnerability in the Payplug (payplug) module for PrestaShop, in versions 3.6.0, 3.6.1, 3.6.2, 3.6.3, 3.7.0 and 3.7.1, allows remote attackers to execute arbitrary SQL commands via the ajax.php front controller.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-07-18
CVE-2023-30383
TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer C20v1 Archer_C20_V1_150707, and TP-LINK Archer C2v1 Archer_C2_US__V1_170228 were discovered to contain a buffer overflow which may lead to a Denial of Service (DoS) when parsing crafted data.
CVSS Score
7.5
EPSS Score
0.005
Published
2023-07-18
CVE-2023-36670
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-07-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved