Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2023
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
CVSS Score
9.8
EPSS Score
0.265
Published
2023-02-14
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
CVSS Score
9.8
EPSS Score
0.275
Published
2023-02-14
Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability
CVSS Score
7.5
EPSS Score
0.014
Published
2023-02-14
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
CVSS Score
9.8
EPSS Score
0.212
Published
2023-02-14
Microsoft SQL Server Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.004
Published
2023-02-14
CVE-2023-21529
Known exploited
Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.621
Published
2023-02-14
Azure DevOps Server Cross-Site Scripting Vulnerability
CVSS Score
7.1
EPSS Score
0.009
Published
2023-02-14
Microsoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability
CVSS Score
7.3
EPSS Score
0.009
Published
2023-02-14
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVSS Score
5.4
EPSS Score
0.006
Published
2023-02-14
HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3, the impact is limited because the headers disappear before being parsed and processed, as if they had not been sent by the client. The fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29, and 2.0.31.
CVSS Score
9.1
EPSS Score
0.055
Published
2023-02-14


Contact Us

Shodan ® - All rights reserved