Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2022
CVE-2022-34336
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229714.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-09-13
CVE-2022-34356
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to obtain root privileges. IBM X-Force ID: 230502.
CVSS Score
8.4
EPSS Score
0.0
Published
2022-09-13
CVE-2022-35637
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service after entering a malformed SQL statement into the Db2expln tool. IBM X-Force ID: 230823.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-09-13
CVE-2022-36768
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to obtain root privileges. IBM X-Force ID: 232014.
CVSS Score
8.4
EPSS Score
0.0
Published
2022-09-13
CVE-2022-38306
LIEF commit 5d1d643 was discovered to contain a heap-buffer overflow in the component /core/CorePrPsInfo.tcc.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-09-13
CVE-2022-38307
LIEF commit 5d1d643 was discovered to contain a segmentation violation via the function LIEF::MachO::SegmentCommand::file_offset() at /MachO/SegmentCommand.cpp.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-13
CVE-2022-38329
A CSRF vulnerability in Shopxian CMS 3.0.0 could allow an unauthenticated, remote attacker to craft a malicious link, potentially causing the administrator to perform unintended actions on an affected system. The vulnerability could allow attackers to modify or delete specific content through crafted requests, potentially leading to data loss and system integrity issues.
CVSS Score
4.3
EPSS Score
0.003
Published
2022-09-13
CVE-2022-38495
LIEF commit 365a16a was discovered to contain a heap-buffer overflow via the function print_binary at /c/macho_reader.c.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-09-13
CVE-2022-38496
LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-13
CVE-2022-38497
LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved