Security Vulnerabilities - CVEs Published In November 2023
Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access.
CVSS Score: 4.9 | EPSS Score: 0.001 | Published: 2023-11-14
Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged user to conduct a denial of service via local access.
CVSS Score: 3.1 | EPSS Score: 0.0 | Published: 2023-11-14
Uncontrolled resource consumption in Zoom Team Chat for Zoom Desktop Client for Windows and Zoom VDI Client may allow an unauthenticated user to conduct a disclosure of information via network access.
CVSS Score: 4.3 | EPSS Score: 0.002 | Published: 2023-11-14
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
CVSS Score: 4.3 | EPSS Score: 0.003 | Published: 2023-11-14
Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access.
CVSS Score: 4.3 | EPSS Score: 0.004 | Published: 2023-11-14
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sajjad Hossain Sagor WP Edit Username plugin <= 1.0.5 versions.
CVSS Score: 5.9 | EPSS Score: 0.001 | Published: 2023-11-14
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Themeum WP Crowdfunding plugin <= 2.1.6 versions.
CVSS Score: 5.8 | EPSS Score: 0.002 | Published: 2023-11-14
Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fields in the control panel. Malicious users could leverage this vulnerability to upload and execute code. This issue has been patched in versions 3.4.14 and 4.34.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Score: 8.8 | EPSS Score: 0.01 | Published: 2023-11-14
SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter.
CVSS Score: 7.8 | EPSS Score: 0.005 | Published: 2023-11-14
SQL injection vulnerability in addTask.php in Code-Projects Simple Task List 1.0 allows attackers to obtain sensitive information via the 'status' parameter.
CVSS Score: 6.5 | EPSS Score: 0.001 | Published: 2023-11-14

