Security Vulnerabilities - CVEs Published In October 2023
An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored on the device due to the lack of authentication.
CVSS Score: 6.5
EPSS Score: 0.001
Published: 2023-10-03

Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network Function) communications resulting in the exposure of sensitive information.
CVSS Score: 6.5
EPSS Score: 0.001
Published: 2023-10-03

A sensitive information exposure vulnerability was found in Foreman. Contents of Tomcat's server.xml file, which contain passwords to Candlepin's keystore and truststore, were found to be world readable.
CVSS Score: 6.7
EPSS Score: 0.001
Published: 2023-10-03

Cross-Site Request Forgery (CSRF) vulnerability in Buildfail Localize Remote Images plugin <= 1.0.9 versions.
CVSS Score: 4.3
EPSS Score: 0.001
Published: 2023-10-03

Cross-Site Request Forgery (CSRF) vulnerability in edward_plainview MyCryptoCheckout plugin <= 2.125 versions.
CVSS Score: 5.4
EPSS Score: 0.001
Published: 2023-10-03

All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices.
CVSS Score: 6.5
EPSS Score: 0.0
Published: 2023-10-03

The web service of ByDemes Group Airspace CCTV Web Service, in its 2.616.BY00.11 version, contains a privilege escalation vulnerability, detected in the Camera Control Panel, whose exploitation could allow a low-privileged attacker to gain administrator access.
CVSS Score: 8.8
EPSS Score: 0.001
Published: 2023-10-03

Cross-Site Request Forgery (CSRF) vulnerability in Sami Ahmed Siddiqui HTTP Auth plugin <= 0.3.2 versions.
CVSS Score: 6.3
EPSS Score: 0.001
Published: 2023-10-03

Authorization bypass vulnerability in UPV PEIX, affecting the component "pdf_curri_new.php". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users.
CVSS Score: 5.3
EPSS Score: 0.0
Published: 2023-10-03

Cross-Site Request Forgery (CSRF) vulnerability in POEditor plugin <= 0.9.4 versions.
CVSS Score: 5.4
EPSS Score: 0.001
Published: 2023-10-03



Shodan ® - All rights reserved