Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2023
CVE-2023-45240
Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-10-05
CVE-2023-45241
Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35739, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 37391.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-10-05
CVE-2023-45242
Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-10-05
CVE-2023-45243
Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-10-05
CVE-2023-39323
Line directives ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-10-05
CVE-2023-5441
NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960.
CVSS Score
6.2
EPSS Score
0.0
Published
2023-10-05
CVE-2023-40920
Prixan prixanconnect up to v1.62 was discovered to contain a SQL injection vulnerability via the component CartsGuruCatalogModuleFrontController::importProducts().
CVSS Score
9.8
EPSS Score
0.001
Published
2023-10-05
CVE-2023-43284
D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 100A53DBR-Retail devices allow an authenticated remote attacker to execute arbitrary code via an unspecified manipulation of the QoS POST parameter.
CVSS Score
8.8
EPSS Score
0.303
Published
2023-10-05
CVE-2023-43981
Presto Changeo testsitecreator up to 1.1.1 was discovered to contain a deserialization vulnerability via the component delete_excluded_folder.php.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-10-05
CVE-2023-43983
Presto Changeo attributegrid up to 2.0.3 was discovered to contain a SQL injection vulnerability via the component disable_json.php.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-10-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved