Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2024
CVE-2024-43472
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVSS Score
5.8
EPSS Score
0.004
Published
2024-08-16
CVE-2023-47728
IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the request. This information could be used in further attacks against the system. IBM X-Force ID: 272201.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-08-16
CVE-2024-42849
An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to cause a denial of service via the password change function.
CVSS Score
6.5
EPSS Score
0.07
Published
2024-08-16
CVE-2024-42850
An issue in the password change function of Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements.
CVSS Score
9.8
EPSS Score
0.196
Published
2024-08-16
CVE-2022-33162
IBM Security Directory Integrator 7.2.0 and Security Verify Directory Integrator 10.0.0 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources, at the privilege level of a standard unprivileged user. IBM X-Force ID: 228570.
CVSS Score
7.3
EPSS Score
0.002
Published
2024-08-16
CVE-2024-42639
H3C GR1100-P v100R009 was discovered to use a hardcoded password in /etc/shadow, which allows attackers to log in as root.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-08-16
CVE-2024-42637
H3C R3010 v100R002L02 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-08-16
CVE-2024-42638
H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-08-16
CVE-2024-25837
A stored cross-site scripting (XSS) vulnerability in October CMS Bloghub Plugin v1.3.8 and lower allows attackers to execute arbitrary web scripts or HTML via a crafted payload into the Comments section.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-08-16
CVE-2024-42994
VTiger CRM <= 8.1.0 does not properly sanitize user input before using it in a SQL statement, leading to a SQL Injection in the "CompanyDetails" operation of the "MailManager" module.
CVSS Score
7.2
EPSS Score
0.001
Published
2024-08-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved