Security Vulnerabilities - CVEs Published In October 2023
Missing Authorization in RDT400 in SICK APU allows an unprivileged remote attacker to modify data via HTTP requests that do not require authentication.
CVSS Score: 7.7; EPSS Score: 0.002; Published: 2023-10-09
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 36497, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169.
CVSS Score: 7.1; EPSS Score: 0.001; Published: 2023-10-09
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 36497, Acronis Cyber Protect 16 (Windows) before build 37391.
CVSS Score: 6.6; EPSS Score: 0.001; Published: 2023-10-09
In JetBrains Ktor before 2.3.5, the default configuration of ContentNegotiation with XML format was vulnerable to XXE.
CVSS Score: 8.6; EPSS Score: 0.0; Published: 2023-10-09
In JetBrains Ktor before 2.3.5, server certificates were not verified.
CVSS Score: 6.8; EPSS Score: 0.0; Published: 2023-10-09
Mattermost fails to enforce a limit on the size of the cache entry for OpenGraph data, allowing an attacker to send a specially crafted request to /api/v4/opengraph, filling the cache and making the server unavailable.
CVSS Score: 4.3; EPSS Score: 0.001; Published: 2023-10-09
Mattermost fails to properly check the creator of an attached file when adding the file to a draft post, potentially exposing unauthorized file information.
CVSS Score: 4.3; EPSS Score: 0.002; Published: 2023-10-09
Mattermost fails to deduplicate input IDs allowing a simple user to cause the application to consume excessive resources and possibly crash by sending a specially crafted request to /api/v4/users/ids with multiple identical IDs.
CVSS Score: 4.3; EPSS Score: 0.001; Published: 2023-10-09
Cross-Site Request Forgery (CSRF) vulnerability in Peter Butler Timthumb Vulnerability Scanner plugin <= 1.54 versions.
CVSS Score: 4.3; EPSS Score: 0.001; Published: 2023-10-09
Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus plugin <= 2302 versions.
CVSS Score: 5.4; EPSS Score: 0.001; Published: 2023-10-09

