Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2022
CVE-2022-28363
Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/login_process username parameter via GET. No authentication is required.
CVSS Score
6.1
EPSS Score
0.078
Published
2022-04-09
CVE-2022-28364
Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/rlmswitchr_process file parameter via GET. Authentication is required.
CVSS Score
5.4
EPSS Score
0.004
Published
2022-04-09
CVE-2022-26877
Asana Desktop before 1.6.0 allows remote attackers to exfiltrate local files if they can trick the Asana desktop app into loading a malicious web page.
CVSS Score
6.5
EPSS Score
0.004
Published
2022-04-09
CVE-2022-27883
A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation. Please note that an attacker must at least have low-level privileges on the system to attempt to exploit this vulnerability.
CVSS Score
7.3
EPSS Score
0.007
Published
2022-04-09
CVE-2022-26180
qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update URI.
CVSS Score
8.8
EPSS Score
0.004
Published
2022-04-08
CVE-2022-26588
A Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attackers to delete arbitrary users or achieve account takeover via the app/service.php URI.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-04-08
CVE-2021-36287
Dell VNX2 for file version 8.1.21.266 and earlier, contain an unauthenticated remote code execution vulnerability which may lead unauthenticated users to execute commands on the system.
CVSS Score
7.3
EPSS Score
0.021
Published
2022-04-08
CVE-2021-36288
Dell VNX2 for File version 8.1.21.266 and earlier, contain a path traversal vulnerability which may lead unauthenticated users to read/write restricted files
CVSS Score
8.6
EPSS Score
0.009
Published
2022-04-08
CVE-2021-36290
Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain privileges.
CVSS Score
6.4
EPSS Score
0.0
Published
2022-04-08
CVE-2021-36293
Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain elevated privileges.
CVSS Score
6.4
EPSS Score
0.001
Published
2022-04-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved