Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2023
CVE-2023-32634
An authentication bypass vulnerability exists in the CiRpcServerThread() functionality of SoftEther VPN 5.01.9674 and 4.41-9782-beta. An attacker can perform a local man-in-the-middle attack to trigger this vulnerability.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-10-12
CVE-2023-22325
A denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
CVSS Score
5.9
EPSS Score
0.003
Published
2023-10-12
CVE-2023-23581
A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-10-12
CVE-2023-22308
An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-10-12
CVE-2023-45102
Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Blog Manager Light plugin <= 1.20 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-10-12
CVE-2023-45103
Cross-Site Request Forgery (CSRF) vulnerability in YAS Global Team Permalinks Customizer plugin <= 2.8.2 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-10-12
CVE-2023-45106
Cross-Site Request Forgery (CSRF) vulnerability in Fedor Urvanov, Aram Kocharyan Urvanov Syntax Highlighter plugin <= 2.8.33 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-10-12
CVE-2023-32124
Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad J Publish Confirm Message plugin <= 1.3.1 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-10-12
CVE-2023-41131
Cross-Site Request Forgery (CSRF) vulnerability in Jonk @ Follow me Darling Sp*tify Play Button for WordPress plugin <= 2.10 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-10-12
CVE-2023-27315
SnapGathers versions prior to 4.9 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext domain user credentials
CVSS Score
6.5
EPSS Score
0.001
Published
2023-10-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved