Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2022
CVE-2021-0707
In dma_buf_release of dma-buf.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-155756045References: Upstream kernel
CVSS Score
7.8
EPSS Score
0.0
Published
2022-04-12
CVE-2022-27472
SQL injection vulnerability in Topics Counting feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the "s" parameter remotely.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-04-12
CVE-2022-27473
SQL injection vulnerability in Topics Searching feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the "s" parameter remotely.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-04-12
CVE-2022-28032
AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pages.php
CVSS Score
9.8
EPSS Score
0.468
Published
2022-04-12
CVE-2022-28033
Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads.php
CVSS Score
9.8
EPSS Score
0.584
Published
2022-04-12
CVE-2022-28034
AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMS_admin_ajax_list-sort.php
CVSS Score
9.8
EPSS Score
0.005
Published
2022-04-12
CVE-2022-28035
Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_blur-save.php
CVSS Score
9.8
EPSS Score
0.005
Published
2022-04-12
CVE-2022-28036
AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_navigation.php
CVSS Score
9.8
EPSS Score
0.005
Published
2022-04-12
CVE-2021-31805
The fix issued for CVE-2020-17530 was incomplete. So from Apache Struts 2.0.0 to 2.5.29, still some of the tag’s attributes could perform a double evaluation if a developer applied forced OGNL evaluation by using the %{...} syntax. Using forced OGNL evaluation on untrusted user input can lead to a Remote Code Execution and security degradation.
CVSS Score
9.8
EPSS Score
0.939
Published
2022-04-12
CVE-2021-42255
AppGuard Enterprise before 6.7.100.1 creates a Temporary File in a Directory with Insecure Permissions. Local users can gain SYSTEM privileges because a repair operation relies on the %TEMP% directory of an unprivileged user.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-04-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved