Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2023
CVE-2023-35391
ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability
CVSS Score
6.2
EPSS Score
0.03
Published
2023-08-08
CVE-2023-39342
Dangerzone is software for converting potentially dangerous PDFs, office documents, or images to safe PDFs. The Dangerzone CLI (`dangerzone-cli` command) logs output from the container where the file sanitization takes place, to the user's terminal. Prior to version 0.4.2, if the container is compromised and can return attacker-controlled strings, then the attacker may be able to spoof messages in the user's terminal or change the window title. Besides logging output from containers, it also logs the names of the files it sanitizes. If these files contain ANSI escape sequences, then the same issue applies. Dangerzone is predominantly a GUI application, so this issue should leave most of our users unaffected. Nevertheless, we always suggest updating to the newest version. This issue is fixed in Dangerzone 0.4.2.
CVSS Score
3.6
EPSS Score
0.001
Published
2023-08-08
CVE-2023-3894
Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.
CVSS Score
5.8
EPSS Score
0.001
Published
2023-08-08
CVE-2023-38185
Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.021
Published
2023-08-08
CVE-2023-38186
Windows Mobile Device Management Elevation of Privilege Vulnerability
CVSS Score
8.8
EPSS Score
0.02
Published
2023-08-08
CVE-2023-38188
Azure Apache Hadoop Spoofing Vulnerability
CVSS Score
4.5
EPSS Score
0.002
Published
2023-08-08
CVE-2023-38254
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVSS Score
6.5
EPSS Score
0.008
Published
2023-08-08
CVE-2023-39216
Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access.
CVSS Score
9.6
EPSS Score
0.005
Published
2023-08-08
CVE-2023-39217
Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to enable a denial of service via network access.
CVSS Score
5.3
EPSS Score
0.002
Published
2023-08-08
CVE-2023-39218
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access.
CVSS Score
6.1
EPSS Score
0.002
Published
2023-08-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved