Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2022
CVE-2022-32818
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5. An app may be able to leak sensitive kernel state.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-09-23
CVE-2022-32819
A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-09-23
CVE-2022-22628
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-09-23
CVE-2022-22637
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. A malicious website may cause unexpected cross-origin behavior.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-09-23
CVE-2022-26700
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to code execution.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-09-23
CVE-2022-26707
An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in macOS Monterey 12.4. A user may be able to view sensitive user information.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-09-23
CVE-2022-28886
A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.so/aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can crash the scanning engine
CVSS Score
4.3
EPSS Score
0.001
Published
2022-09-23
CVE-2022-30124
An improper authentication vulnerability exists in Rocket.Chat Mobile App <4.14.1.22788 that allowed an attacker with physical access to a mobile device to bypass local authentication (PIN code).
CVSS Score
6.8
EPSS Score
0.001
Published
2022-09-23
CVE-2022-32211
A SQL injection vulnerability exists in Rocket.Chat <v3.18.6, <v4.4.4 and <v4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret.
CVSS Score
8.8
EPSS Score
0.008
Published
2022-09-23
CVE-2022-32217
A cleartext storage of sensitive information exists in Rocket.Chat <v4.6.4 due to Oauth token being leaked in plaintext in Rocket.chat logs.
CVSS Score
5.3
EPSS Score
0.003
Published
2022-09-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved