Security Vulnerabilities - CVEs Published In March 2022
In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-03-11
The package simple-git before 3.3.0 is vulnerable to Command Injection via argument injection. When calling the .fetch(remote, branch, handlerFn) function, both the remote and branch parameters are passed to the git fetch subcommand. By injecting some git options it was possible to get arbitrary command execution.
CVSS Score
8.1
EPSS Score
0.009
Published
2022-03-11
A Server-side Template Injection (SSTI) vulnerability exists in Nystudio107 Seomatic 3.4.12 in src/helpers/UrlHelper.php via the host header.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-03-11
A Command Injection vulnerability exists in TOTOLINK A3100R <=V4.1.2cu.5050_B20200504 in adm/ntm.asp via the hosTime parameters.
CVSS Score
9.8
EPSS Score
0.039
Published
2022-03-11
Missing Authorization in GitHub repository saleor/saleor prior to 3.1.2.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-03-11
NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker with physical access to the board direct read/write access to the entire system address space through the PCI bus. Such an attack could result in denial of service, code execution, escalation of privileges, and impact to data integrity and confidentiality. The scope impact may extend to other components.
CVSS Score
7.6
EPSS Score
0.001
Published
2022-03-11
Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.
CVSS Score
8.2
EPSS Score
0.007
Published
2022-03-11
Missing Authorization in GitHub repository gogs/gogs prior to 0.12.5.
CVSS Score
8.2
EPSS Score
0.01
Published
2022-03-11
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.12.
CVSS Score
6.8
EPSS Score
0.063
Published
2022-03-11
Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.
CVSS Score
5.0
EPSS Score
0.091
Published
2022-03-11

