Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2022
CVE-2022-32405
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/prisons/view_prison.php:4
CVSS Score
8.8
EPSS Score
0.002
Published
2022-06-24
CVE-2022-2147
Cloudflare Warp for Windows from version 2022.2.95.0 contained an unquoted service path which enables arbitrary code execution leading to privilege escalation. The fix was released in version 2022.3.186.0.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-06-23
CVE-2022-2183
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVSS Score
7.8
EPSS Score
0.011
Published
2022-06-23
CVE-2022-32987
Multiple cross-site scripting (XSS) vulnerabilities in /bsms/?page=manage_account of Simple Bakery Shop Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username or Full Name fields.
CVSS Score
4.8
EPSS Score
0.002
Published
2022-06-23
CVE-2022-2182
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS Score
7.8
EPSS Score
0.014
Published
2022-06-23
CVE-2022-26862
Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.
CVSS Score
6.3
EPSS Score
0.0
Published
2022-06-23
CVE-2022-26863
Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.
CVSS Score
6.3
EPSS Score
0.0
Published
2022-06-23
CVE-2022-26864
Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.
CVSS Score
6.3
EPSS Score
0.0
Published
2022-06-23
CVE-2022-34212
A missing permission check in Jenkins vRealize Orchestrator Plugin 3.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request to an attacker-specified URL.
CVSS Score
5.7
EPSS Score
0.005
Published
2022-06-23
CVE-2022-34213
Jenkins Squash TM Publisher (Squash4Jenkins) Plugin 1.0.0 and earlier stores passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.
CVSS Score
6.5
EPSS Score
0.004
Published
2022-06-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved