Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2024
CVE-2022-28656
is_closing_session() allows users to consume RAM in the Apport process
CVSS Score
5.5
EPSS Score
0.002
Published
2024-06-04
CVE-2022-28657
Apport does not disable python crash handler before entering chroot
CVSS Score
7.8
EPSS Score
0.002
Published
2024-06-04
CVE-2022-28658
Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing
CVSS Score
5.5
EPSS Score
0.002
Published
2024-06-04
CVE-2024-30889
Cross Site Scripting vulnerability in audimex audimexEE v.15.1.2 and fixed in 15.1.3.9 allows a remote attacker to execute arbitrary code via the service, method, widget_type, request_id, payload parameters.
CVSS Score
5.4
EPSS Score
0.005
Published
2024-06-04
CVE-2024-36121
netty-incubator-codec-ohttp is the OHTTP implementation for netty. BoringSSLAEADContext keeps track of how many OHTTP responses have been sent and uses this sequence number to calculate the appropriate nonce to use with the encryption algorithm. Unfortunately, two separate errors combine which would allow an attacker to cause the sequence number to overflow and thus the nonce to repeat.
CVSS Score
5.9
EPSS Score
0.003
Published
2024-06-04
CVE-2024-36675
LyLme_spage v1.9.5 is vulnerable to Server-Side Request Forgery (SSRF) via the get_head function.
CVSS Score
9.1
EPSS Score
0.014
Published
2024-06-04
CVE-2024-5635
A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument txtsearch leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-267091.
CVSS Score
5.3
EPSS Score
0.007
Published
2024-06-04
CVE-2022-28652
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack
CVSS Score
5.5
EPSS Score
0.002
Published
2024-06-04
CVE-2022-28654
is_closing_session() allows users to fill up apport.log
CVSS Score
5.5
EPSS Score
0.003
Published
2024-06-04
CVE-2022-28655
is_closing_session() allows users to create arbitrary tcp dbus connections
CVSS Score
7.1
EPSS Score
0.002
Published
2024-06-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved