Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2023
CVE-2023-37996
Cross-Site Request Forgery (CSRF) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.7 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-10-03
CVE-2023-37998
Cross-Site Request Forgery (CSRF) vulnerability in Saas Disabler allows Cross Site Request Forgery.This issue affects Disabler: from n/a through 3.0.3.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-10-03
CVE-2023-38381
Cross-Site Request Forgery (CSRF) vulnerability in Cyle Conoly WP-FlyBox plugin <= 6.46 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-10-03
CVE-2023-3654
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a origin bypass via the host header in an HTTP request. This vulnerability can be triggered by an HTTP endpoint exposed to the network.
CVSS Score
9.4
EPSS Score
0.0
Published
2023-10-03
CVE-2023-44217
A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-10-03
CVE-2023-44218
A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation (LPE) vulnerability.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-10-03
CVE-2023-3655
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database (system settings, user accounts,...). This vulnerability can be triggered by an HTTP endpoint exposed to the network.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-10-03
CVE-2023-3656
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by an unauthenticated remote code execution vulnerability. This vulnerability can be triggered by an HTTP endpoint exposed to the network.
CVSS Score
9.8
EPSS Score
0.013
Published
2023-10-03
CVE-2023-33028
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-10-03
CVE-2023-33029
Memory corruption in DSP Service during a remote call from HLOS to DSP.
CVSS Score
8.4
EPSS Score
0.001
Published
2023-10-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved