Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In 2022
CVE-2022-4847
Incorrectly Specified Destination in a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.
CVSS Score
8.3
EPSS Score
0.001
Published
2022-12-29
CVE-2022-4848
Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.
CVSS Score
8.6
EPSS Score
0.001
Published
2022-12-29
CVE-2022-4849
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.
CVSS Score
8.3
EPSS Score
0.001
Published
2022-12-29
CVE-2022-4850
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-12-29
CVE-2022-4851
Improper Handling of Values in GitHub repository usememos/memos prior to 0.9.1.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-12-29
CVE-2022-4839
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
CVSS Score
8.0
EPSS Score
0.001
Published
2022-12-29
CVE-2022-4840
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
CVSS Score
7.6
EPSS Score
0.001
Published
2022-12-29
CVE-2022-4841
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
CVSS Score
8.6
EPSS Score
0.001
Published
2022-12-29
CVE-2021-4295
A vulnerability classified as problematic was found in ONC code-validator-api up to 1.0.30. This vulnerability affects the function vocabularyValidationConfigurations of the file src/main/java/org/sitenv/vocabularies/configuration/CodeValidatorApiConfiguration.java of the component XML Handler. The manipulation leads to xml external entity reference. Upgrading to version 1.0.31 is able to address this issue. The name of the patch is fbd8ea121755a2d3d116b13f235bc8b61d8449af. It is recommended to upgrade the affected component. VDB-217018 is the identifier assigned to this vulnerability.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-12-29
CVE-2021-4296
A vulnerability, which was classified as problematic, has been found in w3c Unicorn. This issue affects the function ValidatorNuMessage of the file src/org/w3c/unicorn/response/impl/ValidatorNuMessage.java. The manipulation of the argument message leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 51f75c31f7fc33859a9a571311c67ae4e95d9c68. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217019.
CVSS Score
3.5
EPSS Score
0.001
Published
2022-12-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved