Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2022
CVE-2021-44864
TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to Buffer Overflow. Authenticated attackers can crash router httpd services via /userRpm/PingIframeRpm.htm request which contains redundant & in parameter.
CVSS Score
6.5
EPSS Score
0.033
Published
2022-02-08
CVE-2021-44956
Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23852. Issues that are in the jfif_decode function at ffjpeg/src/jfif.c (line 552) could cause a Denial of Service by using a crafted jpeg file.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-02-08
CVE-2021-44957
Global buffer overflow vulnerability exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23705. Issue is in the jfif_encode function at ffjpeg/src/jfif.c (line 708) could cause a Denial of Service by using a crafted jpeg file.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-02-08
CVE-2021-45325
Server Side Request Forgery (SSRF) vulneraility exists in Gitea before 1.7.0 using the OpenID URL.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-08
CVE-2021-45326
Cross Site Request Forgery (CSRF) vulnerability exists in Gitea before 1.5.2 via API routes.This can be dangerous especially with state altering POST requests.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-02-08
CVE-2021-45327
Gitea before 1.11.2 is affected by Trusting HTTP Permission Methods on the Server Side when referencing the vulnerable admin or user API. which could let a remote malisious user execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.009
Published
2022-02-08
CVE-2022-0510
Cross-site Scripting (XSS) - Reflected in Packagist pimcore/pimcore prior to 10.3.1.
CVSS Score
4.3
EPSS Score
0.0
Published
2022-02-08
CVE-2022-23340
Joplin 2.6.10 allows remote attackers to execute system commands through malicious code in user search results.
CVSS Score
9.8
EPSS Score
0.006
Published
2022-02-08
CVE-2022-23331
In DataEase v1.6.1, an authenticated user can gain unauthorized access to all user information and can change the administrator password.
CVSS Score
8.8
EPSS Score
0.006
Published
2022-02-08
CVE-2022-0509
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.3.1.
CVSS Score
6.6
EPSS Score
0.0
Published
2022-02-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved