Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2023
CVE-2020-28407
In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.
CVSS Score
7.1
EPSS Score
0.0
Published
2023-11-03
CVE-2023-35896
IBM Content Navigator 3.0.13 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 259247.
CVSS Score
5.4
EPSS Score
0.0
Published
2023-11-03
CVE-2023-46954
SQL Injection vulnerability in Relativity ODA LLC RelativityOne v.12.1.537.3 Patch 2 and earlier allows a remote attacker to execute arbitrary code via the name parameter.
CVSS Score
9.8
EPSS Score
0.039
Published
2023-11-03
CVE-2023-36034
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS Score
7.3
EPSS Score
0.006
Published
2023-11-03
CVE-2023-46176
IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys. IBM X-Force ID: 269535.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-11-03
CVE-2017-7252
bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-03
CVE-2023-36022
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS Score
6.6
EPSS Score
0.004
Published
2023-11-03
CVE-2023-36029
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVSS Score
4.3
EPSS Score
0.001
Published
2023-11-03
CVE-2023-42027
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 266057.
CVSS Score
4.3
EPSS Score
0.0
Published
2023-11-03
CVE-2023-42029
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266059.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-11-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved