Security Vulnerabilities - CVEs Published In November 2022
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via wan_dns1_pri.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-11-22
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-11-22
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enable_band_steering.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-11-22
Microweber v1.2.15 was discovered to allow attackers to perform an account takeover via a host header injection attack.
CVSS Score
8.8
EPSS Score
0.005
Published
2022-11-22
A cross-site scripting (XSS) vulnerability in Record Management System using CodeIgniter 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Subject page.
CVSS Score
4.8
EPSS Score
0.008
Published
2022-11-22
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the 'Card' content.
CVSS Score
4.8
EPSS Score
0.174
Published
2022-11-22
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via 'Comment'.
CVSS Score
4.8
EPSS Score
0.004
Published
2022-11-22
KLiK SocialMediaWebsite version v1.0.1 is vulnerable to SQL Injection via the profile.php.
CVSS Score
8.8
EPSS Score
0.006
Published
2022-11-22
Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in io_uring leads to Use-After-Free and Local Privilege Escalation. When io_msg_ring was invoked with a fixed file, it called io_fput_file() which improperly decreased its reference count (leading to Use-After-Free and Local Privilege Escalation). Fixed files are permanently registered to the ring, and should not be put separately. We recommend upgrading past commit https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679
CVSS Score
7.8
EPSS Score
0.003
Published
2022-11-22
Silverstripe silverstripe/framework through 4.11 is vulnerable to XSS by carefully crafting a return URL on a /dev/build or /Security/login request.
CVSS Score
6.1
EPSS Score
0.005
Published
2022-11-22

