Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2023
CVE-2023-39558
AudimexEE v15.0 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities via the Show Kai Data component.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-08-29
CVE-2023-39559
AudimexEE 15.0 was discovered to contain a full path disclosure vulnerability.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-08-29
CVE-2020-18912
An issue found in Earcms Ear App v.20181124 allows a remote attacker to execute arbitrary code via the uload/index-uplog.php.
CVSS Score
9.8
EPSS Score
0.012
Published
2023-08-29
CVE-2023-41153
A Stored Cross-Site Scripting (XSS) vulnerability in the SSH configuration tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via options for the host value while editing the host options.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-08-29
CVE-2023-4296
​If an attacker tricks an admin user of PTC Codebeamer into clicking on a malicious link, it may allow the attacker to inject arbitrary code to be executed in the browser on the target device.
CVSS Score
8.8
EPSS Score
0.01
Published
2023-08-29
CVE-2023-4611
A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak.
CVSS Score
7.0
EPSS Score
0.0
Published
2023-08-29
CVE-2023-38971
Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the rack number parameter in the add new rack function.
CVSS Score
5.4
EPSS Score
0.003
Published
2023-08-29
CVE-2023-38975
* Buffer Overflow vulnerability in qdrant v.1.3.2 allows a remote attacker cause a denial of service via the chucnked_vectors.rs component.
CVSS Score
7.5
EPSS Score
0.004
Published
2023-08-29
CVE-2023-32241
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPDeveloper Essential Addons for Elementor Pro plugin <= 5.4.8 versions.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-08-29
CVE-2023-39678
A cross-site scripting (XSS) vulnerability in the device web interface (Log Query page) of BDCOM OLT P3310D-2AC 10.1.0F Build 69083 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-08-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved