Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2022
CVE-2022-38144
Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team wpForo Forum plugin <= 2.0.5 at WordPress.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-09-09
CVE-2022-38457
A use-after-free(UAF) vulnerability was found in function 'vmw_cmd_res_check' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).
CVSS Score
6.3
EPSS Score
0.0
Published
2022-09-09
CVE-2022-38700
OpenHarmony-v3.1.1 and prior versions have a permission bypass vulnerability. LAN attackers can bypass permission control and get control of camera service.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-09-09
CVE-2022-38701
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.
CVSS Score
6.2
EPSS Score
0.0
Published
2022-09-09
CVE-2022-39119
In network service, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
CVSS Score
7.8
EPSS Score
0.001
Published
2022-09-09
CVE-2022-39844
Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3.22083 allows local attackers to delete arbitrary directory using directory junction.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-09-09
CVE-2022-39845
Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074 allows local attackers to delete arbitrary directory using directory junction.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-09-09
CVE-2022-39846
DLL hijacking vulnerability in Smart Switch PC prior to version 4.3.22083_3 allows attacker to execute arbitrary code.
CVSS Score
6.2
EPSS Score
0.001
Published
2022-09-09
CVE-2022-3077
A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2C_SMBUS_BLOCK_PROC_CALL case (via the ioctl I2C_SMBUS) with malicious input data. This flaw could allow a local user to crash the system.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-09
CVE-2022-36874
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number.
CVSS Score
5.9
EPSS Score
0.001
Published
2022-09-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved