Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2024
CVE-2024-11665
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in hardy-barth cph2_echarge_firmware allows OS Command Injection.This issue affects cph2_echarge_firmware: through 2.0.4.
CVSS Score
8.8
EPSS Score
0.006
Published
2024-11-24
CVE-2024-53911
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24339. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.
CVSS Score
9.8
EPSS Score
0.04
Published
2024-11-24
CVE-2024-53912
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24341. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.
CVSS Score
9.8
EPSS Score
0.04
Published
2024-11-24
CVE-2024-53913
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24343. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.
CVSS Score
9.8
EPSS Score
0.04
Published
2024-11-24
CVE-2024-53914
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24344. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.
CVSS Score
9.8
EPSS Score
0.04
Published
2024-11-24
CVE-2024-53915
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24405. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.
CVSS Score
9.8
EPSS Score
0.04
Published
2024-11-24
CVE-2024-53909
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24334. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.
CVSS Score
9.8
EPSS Score
0.04
Published
2024-11-24
CVE-2024-53910
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24336. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.
CVSS Score
9.8
EPSS Score
0.04
Published
2024-11-24
CVE-2024-53901
The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-11-24
CVE-2024-53899
virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287.
CVSS Score
7.8
EPSS Score
0.002
Published
2024-11-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved