Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2022
CVE-2021-3914
It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks.
CVSS Score
6.1
EPSS Score
0.003
Published
2022-08-25
CVE-2021-3929
A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function nvme_ctrl_reset(), data structs will be freed leading to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition or, potentially, executing arbitrary code within the context of the QEMU process on the host.
CVSS Score
8.2
EPSS Score
0.042
Published
2022-08-25
CVE-2021-3979
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-08-25
CVE-2021-4112
A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.
CVSS Score
8.8
EPSS Score
0.0
Published
2022-08-25
CVE-2022-2980
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259.
CVSS Score
6.3
EPSS Score
0.0
Published
2022-08-25
CVE-2022-2982
Use After Free in GitHub repository vim/vim prior to 9.0.0260.
CVSS Score
7.6
EPSS Score
0.0
Published
2022-08-25
CVE-2020-27796
A heap-based buffer over-read was discovered in the invert_pt_dynamic function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-08-25
CVE-2020-27797
An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-08-25
CVE-2020-27798
An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-08-25
CVE-2020-27799
A heap-based buffer over-read was discovered in the acc_ua_get_be32 function in miniacc.h in UPX 4.0.0 via a crafted Mach-O file.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-08-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved