Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2023
CVE-2023-4303
Jenkins Fortify Plugin 22.1.38 and earlier does not escape the error message for a form validation method, resulting in an HTML injection vulnerability.
CVSS Score
4.3
EPSS Score
0.002
Published
2023-08-21
CVE-2023-25915
Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system.
CVSS Score
9.9
EPSS Score
0.009
Published
2023-08-21
CVE-2023-25914
Due to improper restriction, authenticated attackers could retrieve and read system files of the underlying server through the XML interface. The information that can be read can lead to a full system compromise.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-08-21
CVE-2023-25913
Because of an authentication flaw an attacker would be capable of generating a web report that discloses sensitive information such as internal IP addresses, usernames, store names and other sensitive information.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-21
CVE-2023-36787
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVSS Score
8.8
EPSS Score
0.038
Published
2023-08-21
CVE-2023-38158
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
CVSS Score
3.1
EPSS Score
0.009
Published
2023-08-21
CVE-2023-4417
Improper access controls in the entry duplication component in Devolutions Remote Desktop Manager 2023.2.19 and earlier versions on Windows allows an authenticated user, under specific circumstances, to inadvertently share their personal vault entry with shared vaults via an incorrect vault in the duplication write process.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-08-21
CVE-2023-4459
A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-21
CVE-2023-40352
McAfee Safe Connect before 2.16.1.126 may allow an adversary with system privileges to achieve privilege escalation by loading arbitrary DLLs.
CVSS Score
7.2
EPSS Score
0.002
Published
2023-08-21
CVE-2023-4373
Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-08-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved