Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2022
CVE-2022-20460
In (TBD) mprot_unmap? of (TBD), there is a possible way to corrupt the memory mapping due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239557547References: N/A
CVSS Score
6.7
EPSS Score
0.0
Published
2022-11-17
CVE-2022-23748
Known exploited
mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under what conditions. In these scenarios, a malicious attacker could be using the valid and legitimate executable to load malicious files.
CVSS Score
7.8
EPSS Score
0.222
Published
2022-11-17
CVE-2022-20428
In (TBD) of (TBD), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239555411References: N/A
CVSS Score
6.7
EPSS Score
0.0
Published
2022-11-17
CVE-2022-20459
In (TBD) of (TBD), there is a possible way to redirect code execution due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239556260References: N/A
CVSS Score
6.7
EPSS Score
0.0
Published
2022-11-17
CVE-2022-20427
In (TBD) of (TBD), there is a possible way to corrupt memory due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239555070References: N/A
CVSS Score
6.7
EPSS Score
0.0
Published
2022-11-17
CVE-2021-36905
Multiple Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in Quiz And Survey Master plugin <= 7.3.4 on WordPress.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-11-17
CVE-2022-44001
An issue was discovered in BACKCLICK Professional 5.9.63. User authentication for accessing the CORBA back-end services can be bypassed.
CVSS Score
9.8
EPSS Score
0.0
Published
2022-11-17
CVE-2022-44725
OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a configuration file. This allows a normal user to create a malicious file that is loaded by LDS (running as a high-privilege user).
CVSS Score
7.8
EPSS Score
0.001
Published
2022-11-17
CVE-2022-45071
Cross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual CMS premium plugin <= 4.5.13 on WordPress.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-11-17
CVE-2022-45072
Cross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual CMS premium plugin <= 4.5.13 on WordPress.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-11-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved