Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2022
CVE-2021-46494
Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_ValueLookupBase in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-27
CVE-2021-46495
Jsish v3.5.0 was discovered to contain a heap-use-after-free via DeleteTreeValue in src/jsiObj.c. This vulnerability can lead to a Denial of Service (DoS).
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-27
CVE-2021-46496
Jsish v3.5.0 was discovered to contain a heap-use-after-free via Jsi_ObjFree in src/jsiObj.c. This vulnerability can lead to a Denial of Service (DoS).
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-27
CVE-2021-46497
Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_UserObjDelete in src/jsiUserObj.c. This vulnerability can lead to a Denial of Service (DoS).
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-27
CVE-2021-46498
Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_wswebsocketObjFree in src/jsiWebSocket.c. This vulnerability can lead to a Denial of Service (DoS).
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-27
CVE-2021-46427
An SQL Injection vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 via the message parameter in Master.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-01-27
CVE-2021-46428
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 ( and previous versions via the bot_avatar parameter in SystemSettings.php.
CVSS Score
9.8
EPSS Score
0.027
Published
2022-01-27
CVE-2021-46097
Dolphinphp v1.5.0 contains a remote code execution vulnerability in /application/common.php#action_log
CVSS Score
8.8
EPSS Score
0.011
Published
2022-01-27
CVE-2021-46102
From version 0.2.14 to 0.2.16 for Solana rBPF, function "relocate" in the file src/elf.rs has an integer overflow bug because the sym.st_value is read directly from ELF file without checking. If the sym.st_value is rather large, an integer overflow is triggered while calculating the variable "addr" via "addr = (sym.st_value + refd_pa) as u64";
CVSS Score
7.5
EPSS Score
0.005
Published
2022-01-27
CVE-2021-46377
There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.php#viewUser
CVSS Score
9.8
EPSS Score
0.002
Published
2022-01-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved