Security Vulnerabilities - CVEs Published In April 2022
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_subselect.cc.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-04-14
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/sql_window.cc.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-04-14
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.h.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-04-14
MariaDB Server v10.9 and below was discovered to contain a use-after-free via the component Binary_string::free_buffer() at /sql/sql_string.h.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-04-14
There is an Assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos == BTR_PCUR_ON' at /row/row0mysql.cc.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-04-14
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_func.cc:148.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-04-14
An issue was discovered in ThoughtWorks GoCD before 21.3.0. The business continuity add-on, which is enabled by default, leaks all secrets known to the GoCD server to unauthenticated attackers.
CVSS Score
7.5
EPSS Score
0.898
Published
2022-04-14
Stored XSS in Tooltip in GitHub repository pimcore/pimcore prior to 10.4.
CVSS Score
6.8
EPSS Score
0.0
Published
2022-04-14
A vulnerability in the encryption implementation of EBICS messages in the open source library ebics-java/ebics-java-client allows an attacker sniffing network traffic to decrypt EBICS payloads. This issue affects: ebics-java/ebics-java-client versions prior to 1.2.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-04-14
A vulnerability classified as problematic was found in GhostPCL 9.55.0. This vulnerability affects the function chunk_free_object of the file gsmchunk.c. The manipulation with a malicious file leads to a memory corruption. The attack can be initiated remotely but requires user interaction. The exploit has been disclosed to the public as a POC and may be used. It is recommended to apply the patches to fix this issue.
CVSS Score
4.3
EPSS Score
0.003
Published
2022-04-14

