Security Vulnerabilities - CVEs Published In September 2023
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
CVSS Score: 7.5 | EPSS Score: 0.128 | Published: 2023-09-12
AMI AptioV contains a vulnerability in BIOS where an attacker may use an improper access control via the physical network. A successful exploit of this vulnerability may lead to a loss of confidentiality.
CVSS Score: 4.9 | EPSS Score: 0.001 | Published: 2023-09-12
AMI AptioV contains a vulnerability in BIOS where an attacker may use an improper access control via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.
CVSS Score: 6.8 | EPSS Score: 0.001 | Published: 2023-09-12
A stored cross-site scripting vulnerability was found in Foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user's session, make requests on behalf of the user, and obtain user credentials.
CVSS Score: 5.4 | EPSS Score: 0.002 | Published: 2023-09-12
DedeCMS 5.7.102 has a File Upload vulnerability via uploads/dede/module_make.php.
CVSS Score: 9.8 | EPSS Score: 0.002 | Published: 2023-09-12
CVE-2023-4863
Known exploited
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
CVSS Score: 8.8 | EPSS Score: 0.933 | Published: 2023-09-12
Cross-site Scripting (XSS) - Reflected in GitHub repository cecilapp/cecil prior to 7.47.1.
CVSS Score: 6.1 | EPSS Score: 0.001 | Published: 2023-09-12
Relative Path Traversal in GitHub repository cecilapp/cecil prior to 7.47.1.
CVSS Score: 5.8 | EPSS Score: 0.002 | Published: 2023-09-12
An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980, 2100, 2200, 1280, and 1380. An integer overflow can bypass detection of error cases via a crafted application.
CVSS Score: 2.0 | EPSS Score: 0.0 | Published: 2023-09-12
OpenCart CMS v4.0.2.2 was discovered to lack a protective mechanism on its login page against excessive login attempts, allowing unauthenticated attackers to gain access to the application via a brute force attack to the password parameter.
CVSS Score: 9.8 | EPSS Score: 0.003 | Published: 2023-09-12



Shodan ® - All rights reserved