Security Vulnerabilities - CVEs Published In April 2022
An Access Control vulnerability exists in ATutor 2.2.4 in password_reminder.php when the g, id, h, form_password_hidden, and form_change HTTP POST parameters are set.
CVSS Score: 7.5 | EPSS Score: 0.008 | Published: 2022-04-08
Heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2022-04-08
NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash).
CVSS Score: 6.6 | EPSS Score: 0.003 | Published: 2022-04-08
Roku devices running RokuOS v9.4.0 build 4200 or earlier that use a Realtek WiFi chip are vulnerable to arbitrary file modification.
CVSS Score: 5.7 | EPSS Score: 0.001 | Published: 2022-04-08
CSV Injection (aka Excel Macro Injection or Formula Injection) exists when creating a new timesheet in Kimai. A malicious payload placed in the Description field is mistreated when the timesheet is exported to a CSV file.
CVSS Score: 7.8 | EPSS Score: 0.005 | Published: 2022-04-08
FOSCAM Camera FI9805E with firmware V4.02.R12.00018510.10012.143900.00000 contains a backdoor that opens the Telnet port when a special command is sent on port 9530.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2022-04-08
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3, and 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 186283.
CVSS Score: 4.3 | EPSS Score: 0.001 | Published: 2022-04-08
libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867.
CVSS Score: 8.8 | EPSS Score: 0.004 | Published: 2022-04-08
An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration, which could allow a malicious user to read or update the configuration without authentication.
CVSS Score: 8.0 | EPSS Score: 0.001 | Published: 2022-04-08
A Buffer Overflow vulnerability exists in zlog 1.2.15 via zlog_conf_build_with_file in src/zlog/src/conf.c.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2022-04-08

