Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2022
CVE-2020-19861
When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-01-21
CVE-2020-19860
When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-01-21
CVE-2022-0319
Out-of-bounds Read in vim/vim prior to 8.2.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-21
CVE-2020-19858
Platinum Upnp SDK through 1.2.0 has a directory traversal vulnerability. The attack could remote attack victim by sending http://ip:port/../privacy.avi URL to compromise a victim's privacy.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-01-21
CVE-2022-0318
Heap-based Buffer Overflow in vim/vim prior to 8.2.
CVSS Score
6.6
EPSS Score
0.002
Published
2022-01-21
CVE-2022-21933
ASUS VivoMini/Mini PC device has an improper input validation vulnerability. A local attacker with system privilege can use system management interrupt (SMI) to modify memory, resulting in arbitrary code execution for controlling the system or disrupting service.
CVSS Score
6.7
EPSS Score
0.001
Published
2022-01-21
CVE-2022-0326
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
CVSS Score
5.5
EPSS Score
0.003
Published
2022-01-21
CVE-2022-22930
A remote code execution (RCE) vulnerability in the Template Management function of MCMS v5.2.4 allows attackers to execute arbitrary code via a crafted payload.
CVSS Score
9.8
EPSS Score
0.181
Published
2022-01-21
CVE-2022-23314
MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via /ms/mdiy/model/importJson.do.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-01-21
CVE-2022-23315
MCMS v5.2.4 was discovered to contain an arbitrary file upload vulnerability via the component /ms/template/writeFileContent.do.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-01-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved