Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2022
CVE-2020-23556
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e28.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-09-16
CVE-2020-23557
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000755d.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-09-16
CVE-2020-23558
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007f4b.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-09-16
CVE-2020-23559
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007d7f.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-09-16
CVE-2020-23560
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000001bcab.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-09-16
CVE-2022-35415
An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-09-16
CVE-2022-36532
Bolt CMS contains a vulnerability in version 5.1.12 and below that allows an authenticated user with the ROLE_EDITOR privileges to upload and rename a malicious file to achieve remote code execution.
CVSS Score
8.8
EPSS Score
0.767
Published
2022-09-16
CVE-2022-36533
Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain a cross-site scripting (XSS) vulnerability.
CVSS Score
5.4
EPSS Score
0.062
Published
2022-09-16
CVE-2022-36534
Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain multiple remote code execution (RCE) vulnerabilities via the Job_ExecuteBefore and Job_ExecuteAfter parameters at post_profilesettings.php.
CVSS Score
8.8
EPSS Score
0.847
Published
2022-09-16
CVE-2022-36536
An issue in the component post_applogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below allows attackers to escalate privileges via creating crafted session tokens.
CVSS Score
9.8
EPSS Score
0.36
Published
2022-09-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved