Security Vulnerabilities - CVEs Published In July 2022
IBM Sterling Partner Engagement Manager 6.1, 6.2, and Cloud 22.2 do not limit the length of a connection which could cause the server to become unresponsive. IBM X-Force ID: 230932.
CVSS Score: 7.5 | EPSS Score: 0.005 | Published: 2022-07-26
In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass. (An API request may, in effect, be executed with the credentials of a user who authenticated in the past.)
CVSS Score: 9.8 | EPSS Score: 0.015 | Published: 2022-07-26
Insufficient TLB flush for x86 PV guests in shadow mode. For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / value between old and new code positions. The now-wrong use of the variable led to a wrong TLB flush condition, omitting flushes where they are necessary.
CVSS Score: 8.8 | EPSS Score: 0.0 | Published: 2022-07-26
Warehouse Management System v1.0 was discovered to contain a SQL injection vulnerability via the cari parameter.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2022-07-26
Inout Blockchain AltExchanger v1.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/js.
CVSS Score: 5.4 | EPSS Score: 0.002 | Published: 2022-07-26
Fruits Bazar v1.0 was discovered to contain a SQL injection vulnerability via the recover_email parameter at user_password_recover.php.
CVSS Score: 9.8 | EPSS Score: 0.003 | Published: 2022-07-26
Paymoney v3.3 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities via the first_name and last_name parameters.
CVSS Score: 5.4 | EPSS Score: 0.002 | Published: 2022-07-26
Orange Station 1.0 was discovered to contain a SQL injection vulnerability via the username parameter.
CVSS Score: 9.8 | EPSS Score: 0.005 | Published: 2022-07-26
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is a NULL pointer dereference in mjs_print() in mjs.c.
CVSS Score: 5.5 | EPSS Score: 0.001 | Published: 2022-07-26
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is a stack buffer overflow at 0x7fffe9049390.
CVSS Score: 5.5 | EPSS Score: 0.001 | Published: 2022-07-26

