Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2022
CVE-2022-29323
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the MAC parameter in /goform/editassignment.
CVSS Score
9.8
EPSS Score
0.019
Published
2022-05-10
CVE-2022-29324
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the proto parameter in /goform/form2IPQoSTcAdd.
CVSS Score
9.8
EPSS Score
0.019
Published
2022-05-10
CVE-2022-29325
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addurlfilter parameter in /goform/websURLFilter.
CVSS Score
9.8
EPSS Score
0.015
Published
2022-05-10
CVE-2022-29326
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addhostfilter parameter in /goform/websHostFilter.
CVSS Score
9.8
EPSS Score
0.015
Published
2022-05-10
CVE-2022-29327
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the urladd parameter in /goform/websURLFilterAddDel.
CVSS Score
9.8
EPSS Score
0.015
Published
2022-05-10
CVE-2022-29328
D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a stack overflow via the function checkvalidupgrade.
CVSS Score
9.8
EPSS Score
0.026
Published
2022-05-10
CVE-2022-29329
D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings.
CVSS Score
9.8
EPSS Score
0.026
Published
2022-05-10
CVE-2022-1397
API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-05-10
CVE-2022-1537
file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privileged user has write access to both source and destination directories as the lower-privileged user can create a symlink to the GruntJS user's .bashrc file or replace /etc/shadow file if the GruntJS user is root.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-05-10
CVE-2022-1621
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
CVSS Score
7.3
EPSS Score
0.001
Published
2022-05-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved