Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2022
CVE-2021-4047
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch for CVE-2021-39242 was missing. This issue only affects Red Hat OpenShift 4.9.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-04-11
CVE-2022-0552
A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. The vulnerable netty-codec-http maven package was not removed from the image content. This flaw affects origin-aggregated-logging versions 3.11.
CVSS Score
5.9
EPSS Score
0.002
Published
2022-04-11
CVE-2022-0835
AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user.
CVSS Score
8.1
EPSS Score
0.0
Published
2022-04-11
CVE-2022-0999
An authenticated user may be able to misuse parameters to inject arbitrary operating system commands into mySCADA myPRO versions 8.25.0 and prior.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-04-11
CVE-2022-1067
Navigating to a specific URL with a patient ID number will result in the server generating a PDF of a lab report without authentication and rate limiting.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-04-11
CVE-2021-22055
The SchedulerServer in Vmware photon allows remote attackers to inject logs through \r in the package parameter. Attackers can also insert malicious data and fake entries.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-04-11
CVE-2021-36846
Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Premio Chaty (WordPress plugin) <= 2.8.3
CVSS Score
4.8
EPSS Score
0.003
Published
2022-04-11
CVE-2021-36848
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Social Media Feather (WordPress plugin) versions <= 2.0.4
CVSS Score
3.4
EPSS Score
0.003
Published
2022-04-11
CVE-2021-36893
Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Responsive Tabs (WordPress plugin) <= 4.0.5
CVSS Score
4.8
EPSS Score
0.003
Published
2022-04-11
CVE-2021-36896
Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Pricing Table (WordPress plugin) versions <= 1.5.2
CVSS Score
4.8
EPSS Score
0.003
Published
2022-04-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved