Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2022
CVE-2022-41358
A stored cross-site scripting (XSS) vulnerability in Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the categoriesName parameter in createCategories.php.
CVSS Score
5.4
EPSS Score
0.003
Published
2022-10-20
CVE-2022-3327
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.
CVSS Score
4.5
EPSS Score
0.001
Published
2022-10-20
CVE-2022-41780
In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.4.0, a directory traversal vulnerability exists in an undisclosed location of the F5OS CLI that allows an attacker to read arbitrary files.
CVSS Score
5.5
EPSS Score
0.002
Published
2022-10-19
CVE-2022-41787
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when DNS profile is configured on a virtual server with DNS Express enabled, undisclosed DNS queries with DNSSEC can cause TMM to terminate.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-10-19
CVE-2022-41806
In versions 16.1.x before 16.1.3.2 and 15.1.x before 15.1.5.1, when BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-10-19
CVE-2022-41813
In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when BIG-IP is provisioned with PEM or AFM module, an undisclosed input can cause Traffic Management Microkernel (TMM) to terminate.
CVSS Score
6.5
EPSS Score
0.004
Published
2022-10-19
CVE-2022-41832
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when a SIP profile is configured on a virtual server, undisclosed messages can cause an increase in memory resource utilization.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-10-19
CVE-2022-41833
In all BIG-IP 13.1.x versions, when an iRule containing the HTTP::collect command is configured on a virtual server, undisclosed requests can cause Traffic Management Microkernel (TMM) to terminate.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-10-19
CVE-2022-41835
In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.5.0, excessive file permissions in F5OS allows an authenticated local attacker to execute limited set of commands in a container and impact the F5OS controller.
CVSS Score
7.3
EPSS Score
0.0
Published
2022-10-19
CVE-2022-41836
When an 'Attack Signature False Positive Mode' enabled security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-10-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved