Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2023
CVE-2023-43176
A deserialization vulnerability in Afterlogic Aurora Files v9.7.3 allows attackers to execute arbitrary code via supplying a crafted .sabredav file.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-10-03
CVE-2023-43898
Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted pic file.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-10-03
CVE-2023-43951
SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Column Management component.
CVSS Score
5.4
EPSS Score
0.0
Published
2023-10-03
CVE-2023-43952
SSCMS 7.2.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Material Management component.
CVSS Score
5.4
EPSS Score
0.0
Published
2023-10-03
CVE-2023-43953
SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Content Management component.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-10-03
CVE-2023-44973
An arbitrary file upload vulnerability in the component /content/templates/ of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-10-03
CVE-2023-44974
An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
CVSS Score
9.8
EPSS Score
0.143
Published
2023-10-03
CVE-2023-33268
An issue was discovered in DTS Monitoring 3.57.0. The parameter port within the SSL Certificate check function is vulnerable to OS command injection (blind).
CVSS Score
9.8
EPSS Score
0.011
Published
2023-10-03
CVE-2023-40830
Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-10-03
CVE-2023-43976
An issue in CatoNetworks CatoClient before v.5.4.0 allows attackers to escalate privileges and winning the race condition (TOCTOU) via the PrivilegedHelperTool component.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-10-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved