Security Vulnerabilities - CVEs Published In November 2023
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions DOM processing instructions are not handled correctly. This allows bypassing the cross-site scripting mechanism of typo3/html-sanitizer. This vulnerability has been addressed in versions 1.5.3 and 2.1.4. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Score
4.7
EPSS Score
0.003
Published
2023-11-14
Auth. (ShopManager+) Stored Cross-Site Scripting (XSS) vulnerability in actpro Extra Product Options for WooCommerce plugin <= 3.0.3 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-11-14
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Abu Bakar TWB Woocommerce Reviews plugin <= 1.7.5 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-11-14
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in livescore.Bz BZScore – Live Score plugin <= 1.03 versions.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-11-14
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Milesi ANAC XML Bandi di Gara plugin <= 7.5 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-11-14
Improper input validation for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.
CVSS Score
5.0
EPSS Score
0.0
Published
2023-11-14
Cross-site request forgery in some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-11-14
Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-11-14
Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
CVSS Score
4.1
EPSS Score
0.001
Published
2023-11-14
A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 - 7.0.8, 7.2.0 - 7.2.3 and 7.4.0 allows an attacker to access Fortinet private testing data via the use of static credentials.
CVSS Score
4.1
EPSS Score
0.0
Published
2023-11-14

