Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2022
CVE-2021-42870
ACCEL-PPP 1.12.0 has an out-of-bounds read in post_msg when processing a call_clear_request.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-05-16
CVE-2021-42897
A remote command execution (RCE) vulnerability was found in FeMiner wms V1.0 in /wms/src/system/datarec.php. The $_POST[r_name] is directly passed into the $mysqlstr and is executed by exec.
CVSS Score
9.8
EPSS Score
0.071
Published
2022-05-16
CVE-2022-29017
Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x86_64/multiarch/strlen-avx2.S.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-05-16
CVE-2022-29351
An arbitrary file upload vulnerability in the file upload module of Tiddlywiki5 v5.2.2 allows attackers to execute arbitrary code via a crafted SVG file. Note: The vendor argues that this is not a legitimate issue and there is no vulnerability here.
CVSS Score
9.8
EPSS Score
0.014
Published
2022-05-16
CVE-2022-29353
An arbitrary file upload vulnerability in the file upload module of Graphql-upload v13.0.0 allows attackers to execute arbitrary code via a crafted filename.
CVSS Score
9.8
EPSS Score
0.01
Published
2022-05-16
CVE-2022-29354
An arbitrary file upload vulnerability in the file upload module of Keystone v4.2.1 allows attackers to execute arbitrary code via a crafted file.
CVSS Score
9.8
EPSS Score
0.039
Published
2022-05-16
CVE-2022-30011
In HMS 1.0 when requesting appointment.php through POST, multiple parameters can lead to a SQL injection vulnerability.
CVSS Score
9.8
EPSS Score
0.013
Published
2022-05-16
CVE-2022-30012
In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-05-16
CVE-2022-29587
Konica Minolta bizhub MFP devices before 2022-04-14 have an internal Chromium browser that executes with root (aka superuser) access privileges.
CVSS Score
4.0
EPSS Score
0.001
Published
2022-05-16
CVE-2022-29588
Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-05-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved