Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2024
CVE-2024-38218
Microsoft Edge (HTML-based) Memory Corruption Vulnerability
CVSS Score
8.4
EPSS Score
0.006
Published
2024-08-12
CVE-2024-36461
Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine.
CVSS Score
9.1
EPSS Score
0.004
Published
2024-08-12
CVE-2024-36462
Uncontrolled resource consumption refers to a software vulnerability where a attacker or system uses excessive resources, such as CPU, memory, or network bandwidth, without proper limitations or controls. This can cause a denial-of-service (DoS) attack or degrade the performance of the affected system.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-08-12
CVE-2024-36518
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's dashboard.
CVSS Score
8.3
EPSS Score
0.005
Published
2024-08-12
CVE-2024-37023
Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters.
CVSS Score
9.1
EPSS Score
0.005
Published
2024-08-12
CVE-2024-36034
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option.
CVSS Score
8.3
EPSS Score
0.004
Published
2024-08-12
CVE-2024-36035
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in user session recording.
CVSS Score
8.3
EPSS Score
0.004
Published
2024-08-12
CVE-2024-36460
The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords are displayed in plain text.
CVSS Score
8.1
EPSS Score
0.003
Published
2024-08-12
CVE-2024-30188
File read and write vulnerability in Apache DolphinScheduler ,  authenticated users can illegally access additional resource files. This issue affects Apache DolphinScheduler: from 3.1.0 before 3.2.2. Users are recommended to upgrade to version 3.2.2, which fixes the issue.
CVSS Score
8.1
EPSS Score
0.874
Published
2024-08-12
CVE-2024-29082
Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform endpoints.
CVSS Score
8.6
EPSS Score
0.001
Published
2024-08-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved