Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2023
CVE-2022-38682
In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-01-04
CVE-2022-38683
In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-01-04
CVE-2022-38684
In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-01-04
CVE-2022-39081
In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.
CVSS Score
6.7
EPSS Score
0.001
Published
2023-01-04
CVE-2022-39082
In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.
CVSS Score
6.7
EPSS Score
0.001
Published
2023-01-04
CVE-2022-39083
In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.
CVSS Score
6.7
EPSS Score
0.001
Published
2023-01-04
CVE-2022-39084
In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.
CVSS Score
6.7
EPSS Score
0.001
Published
2023-01-04
CVE-2022-39085
In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.
CVSS Score
6.7
EPSS Score
0.001
Published
2023-01-04
CVE-2010-10003
A vulnerability classified as critical was found in gesellix titlelink on Joomla. Affected by this vulnerability is an unknown functionality of the file plugin_content_title.php. The manipulation of the argument phrase leads to sql injection. The patch is named b4604e523853965fa981a4e79aef4b554a535db0. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217351.
CVSS Score
5.5
EPSS Score
0.003
Published
2023-01-04
CVE-2022-46081
In Garmin Connect 4.61, terminating a LiveTrack session wouldn't prevent the LiveTrack API from continued exposure of private personal information. NOTE: this is disputed by the vendor because the LiveTrack API service is not a customer-controlled product.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-01-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved