Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2022
CVE-2022-30500
Jfinal cms 5.1.0 is vulnerable to SQL Injection.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-05-26
CVE-2022-30783
An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-05-26
CVE-2022-30784
A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-05-26
CVE-2022-30785
A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-05-26
CVE-2022-30786
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-05-26
CVE-2022-24414
Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access CloudLink server. Tokens should not be used in request URL to avoid such attacks.
CVSS Score
7.6
EPSS Score
0.003
Published
2022-05-26
CVE-2022-24417
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
CVSS Score
7.5
EPSS Score
0.0
Published
2022-05-26
CVE-2022-1886
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS Score
7.1
EPSS Score
0.001
Published
2022-05-26
CVE-2022-29687
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/level_del.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-05-26
CVE-2022-29688
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/hy.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-05-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved