Shodan
Vulnerabilities
Vulnerable Software
Fedoraproject:  Security Vulnerabilities
CVE-2020-10735
A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-09-09
CVE-2022-25765
The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized.
CVSS Score
7.3
EPSS Score
0.888
Published
2022-09-09
CVE-2022-27664
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-09-06
CVE-2022-3123
Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki prior to 2022-07-31a.
CVSS Score
5.4
EPSS Score
0.008
Published
2022-09-05
CVE-2022-39831
An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. This issue is different from CVE-2018-20230.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-09-05
CVE-2022-39832
An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-09-05
CVE-2022-3099
Use After Free in GitHub repository vim/vim prior to 9.0.0360.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-09-03
CVE-2022-39170
libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c.
CVSS Score
8.8
EPSS Score
0.005
Published
2022-09-02
CVE-2022-32743
Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
CVSS Score
7.5
EPSS Score
0.009
Published
2022-09-01
CVE-2021-3826
Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.
CVSS Score
6.5
EPSS Score
0.005
Published
2022-09-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved