Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2023
CVE-2023-38665
Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to cause a denial of service (crash).
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-22
CVE-2023-38666
Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4encrypt.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-08-22
CVE-2023-38667
Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-22
CVE-2023-38668
Stack-based buffer over-read in disasm in nasm 2.16 allows attackers to cause a denial of service (crash).
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-22
CVE-2023-38732
IBM Robotic Process Automation 21.0.0 through 21.0.7 server could allow an authenticated user to view sensitive information from application logs. IBM X-Force ID: 262289.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-08-22
CVE-2023-38996
An issue in all versions of Douran DSGate allows a local authenticated privileged attacker to execute arbitrary code via the debug command.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-08-22
CVE-2023-39141
webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability.
CVSS Score
7.5
EPSS Score
0.839
Published
2023-08-22
CVE-2023-39599
Cross-Site Scripting (XSS) vulnerability in CSZ CMS v.1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Social Settings parameter.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-08-22
CVE-2023-3699
An Improper Privilege Management vulnerability was found in ASUSTOR Data Master (ADM) allows an unprivileged local users to modify the storage devices configuration. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.
CVSS Score
8.7
EPSS Score
0.0
Published
2023-08-22
CVE-2023-37432
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to     obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-08-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved