Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2022
CVE-2022-21936
On Metasys ADX Server version 12.0 running MVE, an Active Directory user could execute validated actions without providing a valid password when using MVE SMP UI.
CVSS Score
8.1
EPSS Score
0.001
Published
2022-10-07
CVE-2020-15855
Two cross-site scripting vulnerabilities were fixed in Bodhi 5.6.1.
CVSS Score
6.1
EPSS Score
0.001
Published
2022-10-07
CVE-2022-22493
IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. IBM X-Force ID: 226449.
CVSS Score
3.5
EPSS Score
0.001
Published
2022-10-07
CVE-2022-30613
IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366.
CVSS Score
4.4
EPSS Score
0.0
Published
2022-10-07
CVE-2022-34308
IBM CICS TX 11.1 could allow a local user to cause a denial of service due to improper load handling. IBM X-Force ID: 229437.
CVSS Score
6.2
EPSS Score
0.0
Published
2022-10-07
CVE-2022-36772
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that should only be available to a privileged user.
CVSS Score
4.3
EPSS Score
0.001
Published
2022-10-07
CVE-2022-41291
IBM InfoSphere Information Server 11.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 236699.
CVSS Score
6.3
EPSS Score
0.0
Published
2022-10-07
CVE-2022-22480
IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889.
CVSS Score
5.3
EPSS Score
0.001
Published
2022-10-07
CVE-2022-39873
Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user authentication.
CVSS Score
4.3
EPSS Score
0.001
Published
2022-10-07
CVE-2022-39874
Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.
CVSS Score
4.0
EPSS Score
0.001
Published
2022-10-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved