Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In December 2023
CVE-2023-40921
SQL Injection vulnerability in functions/point_list.php in Common Services soliberte before v4.3.03 allows attackers to obtain sensitive information via the lat and lng parameters.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-12-14
CVE-2023-41618
Emlog Pro v2.1.14 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /admin/article.php?active_savedraft.
CVSS Score
6.1
EPSS Score
0.002
Published
2023-12-14
CVE-2023-21751
Azure DevOps Server Spoofing Vulnerability
CVSS Score
6.5
EPSS Score
0.002
Published
2023-12-14
CVE-2023-45170
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the piobe command to escalate privileges or cause a denial of service. IBM X-Force ID: 267968.
CVSS Score
8.4
EPSS Score
0.0
Published
2023-12-13
CVE-2023-45174
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a privileged local user to exploit a vulnerability in the qdaemon command to escalate privileges or cause a denial of service. IBM X-Force ID: 267972.
CVSS Score
8.4
EPSS Score
0.0
Published
2023-12-13
CVE-2023-49646
Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access.
CVSS Score
6.4
EPSS Score
0.0
Published
2023-12-13
CVE-2023-41621
A Cross Site Scripting (XSS) vulnerability was discovered in Emlog Pro v2.1.14 via the component /admin/store.php.
CVSS Score
6.1
EPSS Score
0.053
Published
2023-12-13
CVE-2023-43583
Cryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for Android and iOS before version 5.16.0 may allow a privileged user to conduct a disclosure of information via network access.
CVSS Score
4.9
EPSS Score
0.001
Published
2023-12-13
CVE-2023-43585
Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network access.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-12-13
CVE-2023-43586
Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalation of privilege via network access.
CVSS Score
7.3
EPSS Score
0.001
Published
2023-12-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved