Security Vulnerabilities - CVEs Published In April 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, attackers can cause a type to be incorrectly initialized in the function f_incr in sr_port/f_incr.c and cause a crash due to a NULL pointer dereference.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-04-15
An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a call to $Extract to force a signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that occurs on the stack, causing a buffer overflow.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-04-15
An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause calls to ZRead to crash due to a NULL pointer dereference.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-04-15
An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a NULL pointer dereference after calls to ZPrint.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-04-15
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. An attacker can use this to overwrite key data structures and gain control of the flow of execution.
CVSS Score
9.8
EPSS Score
0.012
Published
2022-04-15
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause the bounds of a for loop to be miscalculated, which leads to a use-after-free condition in which a pointer is pushed into previously freed memory by the loop.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-04-15
Under certain circumstances the session token is not cleared on logout.
CVSS Score
8.1
EPSS Score
0.003
Published
2022-04-15
Authenticated (admin+) Stored Cross-Site Scripting (XSS) in WP Maintenance plugin versions <= 6.0.7.
CVSS Score
4.8
EPSS Score
0.003
Published
2022-04-15
All versions of the Seowon 130-SLC router as of 2021-09-15 are vulnerable to Remote Code Execution via the queriesCnt parameter.
CVSS Score
9.8
EPSS Score
0.208
Published
2022-04-15
Sensitive Information Disclosure (sac-export.csv) in Simple Ajax Chat (WordPress plugin) <= 20220115
CVSS Score
5.3
EPSS Score
0.128
Published
2022-04-15