Security Vulnerabilities - CVEs Published In September 2023
A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-09-28
D-Link DIR-619L B1 2.02 is vulnerable to a buffer overflow via the formSetWanNonLogin function.
CVSS Score
7.5
EPSS Score
0.01
Published
2023-09-28
D-Link DIR-619L B1 2.02 is vulnerable to a buffer overflow via the formSetWanPPPoE function.
CVSS Score
7.5
EPSS Score
0.01
Published
2023-09-28
An attacker with standard privileges on macOS, when requesting administrator privileges from the application, can submit input that causes a buffer overflow, resulting in a crash of the application. This could make the application unavailable and allow reading or modification of data.
CVSS Score
6.3
EPSS Score
0.001
Published
2023-09-28
There is a file upload XSS vulnerability in Generex CS141 versions below 2.06. The web application allows file uploading, making it possible to upload a file with HTML content. When HTML files are allowed, an XSS payload can be injected into the uploaded file.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-09-28
There is an unrestricted file upload vulnerability in Generex CS141 versions below 2.06. An attacker could upload and/or delete any type of file, without any format restriction and without any authentication, in the "upload" directory.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-09-28
D-Link DIR-619L B1 2.02 is vulnerable to a buffer overflow via the formSetWAN_Wizard56 function.
CVSS Score
9.8
EPSS Score
0.034
Published
2023-09-28
Versions of the package quill-mention before 4.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper user-input sanitization, via the renderList function. **Note:** If the mentions list is sourced from unsafe (user-sourced) data, this might allow an injection attack when a Quill user hits @.
CVSS Score
6.1
EPSS Score
0.012
Published
2023-09-28
OPNsense before 23.7.5 allows XSS via the index.php column_count parameter to the Lobby Dashboard.
CVSS Score
5.4
EPSS Score
0.003
Published
2023-09-28
OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-09-28

