Security Vulnerabilities - CVEs Published In June 2022
HashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabilities enabling privilege escalation through the artifact stanza in submitted jobs onto the client agent host. Fixed in 1.1.14, 1.2.8, and 1.3.1.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2022-06-02
siteserver SSCMS 6.15.51 is vulnerable to Cross Site Scripting (XSS).
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2022-06-02
phpABook 0.9i is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data in the "auth_user" parameter of the index.php script.
CVSS Score: 9.8 | EPSS Score: 0.005 | Published: 2022-06-02
Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information.
CVSS Score: 9.8 | EPSS Score: 0.01 | Published: 2022-06-02
Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request.
CVSS Score: 8.8 | EPSS Score: 0.189 | Published: 2022-06-02
In Afian Filerun 20220202, changing the "search_tika_path" variable to a custom (and previously uploaded) jar file results in remote code execution in the context of the webserver user.
CVSS Score: 9.8 | EPSS Score: 0.083 | Published: 2022-06-02
Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 allows attackers to execute arbitrary commands via a crafted HTTP request.
CVSS Score: 8.8 | EPSS Score: 0.006 | Published: 2022-06-02
Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a stack overflow via the component DesktopEditor/common/File.cpp.
CVSS Score: 9.8 | EPSS Score: 0.162 | Published: 2022-06-02
Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a heap overflow via the component DesktopEditor/fontengine/fontconverter/FontFileBase.h.
CVSS Score: 9.8 | EPSS Score: 0.162 | Published: 2022-06-02
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c.
CVSS Score: 5.5 | EPSS Score: 0.001 | Published: 2022-06-02

