Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2022
CVE-2022-37411
Cross-Site Request Forgery (CSRF) vulnerability in Vinoj Cardoza's Captcha Code plugin <= 2.7 at WordPress.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-09-09
CVE-2022-37412
Authenticated (admin+) Reflected Cross-Site Scripting (XSS) vulnerability in Galerio & Urda's Better Delete Revision plugin <= 1.6.1 at WordPress.
CVSS Score
4.8
EPSS Score
0.004
Published
2022-09-09
CVE-2022-38058
Authenticated (subscriber+) Plugin Setting change vulnerability in WP Shamsi plugin <= 4.1.1 at WordPress.
CVSS Score
4.3
EPSS Score
0.003
Published
2022-09-09
CVE-2022-38059
Cross-Site Request Forgery (CSRF) vulnerability in Alexey Trofimov's Access Code Feeder plugin <= 1.0.3 at WordPress.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-09-09
CVE-2022-38064
OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability. Local attackers can bypass permission control and get sensitive information.
CVSS Score
6.2
EPSS Score
0.001
Published
2022-09-09
CVE-2022-36858
A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc() function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVSS Score
4.4
EPSS Score
0.0
Published
2022-09-09
CVE-2022-36859
Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows privileged attackers to trigger a XSS on a victim&#39;s devices.
CVSS Score
5.7
EPSS Score
0.002
Published
2022-09-09
CVE-2022-36860
A heap-based overflow vulnerability in LoadEnvironment function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVSS Score
4.4
EPSS Score
0.0
Published
2022-09-09
CVE-2022-36861
Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege.
CVSS Score
5.9
EPSS Score
0.0
Published
2022-09-09
CVE-2022-36862
A heap-based overflow vulnerability in HWR::EngineCJK::Impl::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVSS Score
4.4
EPSS Score
0.0
Published
2022-09-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved