Shodan
Vulnerabilities
Vulnerable Software
Fedoraproject:  >> Extra Packages For Enterprise Linux  Security Vulnerabilities
CVE-2023-5549
Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage.
CVSS Score
3.3
EPSS Score
0.003
Published
2023-11-09
CVE-2023-5550
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.
CVSS Score
6.5
EPSS Score
0.011
Published
2023-11-09
CVE-2023-5540
A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers.
CVSS Score
4.7
EPSS Score
0.018
Published
2023-11-09
CVE-2023-5542
Students in "Only see own membership" groups could see other students in the group, which should be hidden.
CVSS Score
3.3
EPSS Score
0.003
Published
2023-11-09
CVE-2023-5545
H5P metadata automatically populated the author with the user's username, which could be sensitive information.
CVSS Score
3.3
EPSS Score
0.003
Published
2023-11-09
CVE-2023-5539
A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers.
CVSS Score
4.7
EPSS Score
0.018
Published
2023-11-09
CVE-2023-3428
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service.
CVSS Score
6.2
EPSS Score
0.0
Published
2023-10-04
CVE-2022-4318
A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-09-25
CVE-2023-38253
An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.
CVSS Score
4.7
EPSS Score
0.0
Published
2023-07-14
CVE-2023-38252
An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.
CVSS Score
4.7
EPSS Score
0.0
Published
2023-07-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved