Security Vulnerabilities - CVEs Published In February 2022
David Brackeen ok-file-formats dev version is vulnerable to Buffer Overflow. When the function of the ok-file-formats project is used, a heap-buffer-overflow occurred in function ok_jpg_generate_huffman_table() in "/ok_jpg.c:403".
CVSS Score: 7.8 | EPSS Score: 0.002 | Published: 2022-02-28
CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. Prior to version 4.1.9, an improper input validation vulnerability allows attackers to execute CLI routes via HTTP request. Version 4.1.9 contains a patch. There are currently no known workarounds for this vulnerability.
CVSS Score: 9.4 | EPSS Score: 0.004 | Published: 2022-02-28
David Brackeen ok-file-formats 97f78ca is vulnerable to Buffer Overflow. When the function of the ok-file-formats project is used, a heap-buffer-overflow occurs in function ok_jpg_convert_YCbCr_to_RGB() in "/ok_jpg.c:513".
CVSS Score: 7.8 | EPSS Score: 0.002 | Published: 2022-02-28
Obyte (formerly Byteball) Wallet before 3.4.1 allows XSS. A crafted chat message can lead to remote code execution.
CVSS Score: 6.1 | EPSS Score: 0.009 | Published: 2022-02-28
ARM astcenc 3.2.0 is vulnerable to Buffer Overflow. When the compression function of the astc-encoder project with -cl option was used, a stack-buffer-overflow occurred in function encode_ise() in function compress_symbolic_block_for_partition_2planes() in "/Source/astcenc_compress_symbolic.cpp".
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2022-02-28
Car Driving School Management System v1.0 is affected by SQL injection in the login page. An attacker can use a simple SQL login injection payload to get admin access.
CVSS Score: 9.8 | EPSS Score: 0.005 | Published: 2022-02-28
Car Driving School Management System v1.0 is affected by Cross Site Scripting (XSS) in the User Enrollment Form (Username Field). The vulnerability is triggered when an admin views the registered user details.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2022-02-28
HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause excessive CPU usage. Fixed in 1.0.18, 1.1.12, and 1.2.6.
CVSS Score: 7.5 | EPSS Score: 0.007 | Published: 2022-02-28
Server-Side Request Forgery (SSRF) in GitHub repository rudloff/alltube prior to 3.0.2.
CVSS Score: 8.6 | EPSS Score: 0.008 | Published: 2022-02-28
The Easy Drag And drop All Import : WP Ultimate CSV Importer WordPress plugin before 6.4.3 does not sanitise and escape imported comments, which could allow high privilege users to import malicious ones (either intentionally or not) and lead to Stored Cross-Site Scripting issues.
CVSS Score: 4.8 | EPSS Score: 0.002 | Published: 2022-02-28

