Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2022
CVE-2022-28291
Insufficiently Protected Credentials: An authenticated user with debug privileges can retrieve stored Nessus policy credentials from the “nessusd” process in cleartext via process dumping. The affected products are all versions of Nessus Essentials and Professional. The vulnerability allows an attacker to access credentials stored in Nessus scanners, potentially compromising its customers’ network of assets.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-10-17
CVE-2022-2428
A crafted tag in the Jupyter Notebook viewer in GitLab EE/CE affecting all versions before 15.1.6, 15.2 to 15.2.4, and 15.3 to 15.3.2 allows an attacker to issue arbitrary HTTP requests
CVSS Score
6.4
EPSS Score
0.001
Published
2022-10-17
CVE-2019-14841
A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-10-17
CVE-2017-7517
An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces in OpenShift. If a user creates a project called "MyProject", and then later deletes it another user can then create a project called "MyProject" and access the metrics stored from the original "MyProject" instance.
CVSS Score
3.5
EPSS Score
0.002
Published
2022-10-17
CVE-2019-14840
A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead to leak of credentials.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-10-17
CVE-2022-42168
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/fromSetIpMacBind.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-10-17
CVE-2022-42169
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/addWifiMacFilter.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-10-17
CVE-2022-42170
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formWifiWpsStart.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-10-17
CVE-2022-42171
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/saveParentControlInfo.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-10-17
CVE-2022-42237
A SQL Injection issue in Merchandise Online Store v.1.0 allows an attacker to log in to the admin account.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-10-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved