Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2024
CVE-2023-48732
Mattermost fails to scope the WebSocket response around notified users to a each user separately resulting in the WebSocket broadcasting the information about who was notified about a post to everyone else in the channel.
CVSS Score
4.3
EPSS Score
0.006
Published
2024-01-02
CVE-2023-50333
Mattermost fails to update the permissions of the current session for a user who was just demoted to guest, allowing freshly demoted guests to change group names.
CVSS Score
3.7
EPSS Score
0.001
Published
2024-01-02
CVE-2023-6693
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak.
CVSS Score
4.9
EPSS Score
0.0
Published
2024-01-02
CVE-2023-49142
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia audio crash through modify a released pointer.
CVSS Score
4.0
EPSS Score
0.001
Published
2024-01-02
CVE-2023-47216
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through occupy all resources
CVSS Score
2.9
EPSS Score
0.0
Published
2024-01-02
CVE-2023-47857
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia camera crash through modify a released pointer.
CVSS Score
4.0
EPSS Score
0.001
Published
2024-01-02
CVE-2023-48360
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash through modify a released pointer.
CVSS Score
4.0
EPSS Score
0.001
Published
2024-01-02
CVE-2023-49135
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash through modify a released pointer.
CVSS Score
4.0
EPSS Score
0.0
Published
2024-01-02
CVE-2023-43511
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-01-02
CVE-2023-43512
Transient DOS while parsing GATT service data when the total amount of memory that is required by the multiple services is greater than the actual size of the services buffer.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-01-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved