Security Vulnerabilities - CVEs Published In October 2023
Jenkins Gogs Plugin 1.0.15 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token.
CVSS Score: 5.3
EPSS Score: 0.001
Published: 2023-10-25
Jenkins MSTeams Webhook Trigger Plugin 0.1.1 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token.
CVSS Score: 5.3
EPSS Score: 0.001
Published: 2023-10-25
Jenkins Edgewall Trac Plugin 1.13 and earlier does not escape the Trac website URL on the build page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
CVSS Score: 5.4
EPSS Score: 0.008
Published: 2023-10-25
Jenkins Zanata Plugin 0.6 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token hashes are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token.
CVSS Score: 5.3
EPSS Score: 0.001
Published: 2023-10-25
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWlanRedirect.
CVSS Score: 9.8
EPSS Score: 0.002
Published: 2023-10-25
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formSetLg.
CVSS Score: 9.8
EPSS Score: 0.002
Published: 2023-10-25
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDelDevice.
CVSS Score: 9.8
EPSS Score: 0.002
Published: 2023-10-25
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formReflashClientTbl.
CVSS Score: 9.8
EPSS Score: 0.002
Published: 2023-10-25
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMultiAP.
CVSS Score: 9.8
EPSS Score: 0.002
Published: 2023-10-25
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formParentControl.
CVSS Score: 9.8
EPSS Score: 0.002
Published: 2023-10-25


Shodan ® - All rights reserved