Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In 2022
CVE-2022-42841
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. Processing a maliciously crafted package may lead to arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-12-15
CVE-2022-42842
The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. A remote user may be able to cause kernel code execution.
CVSS Score
9.8
EPSS Score
0.021
Published
2022-12-15
CVE-2022-42843
This issue was addressed with improved data protection. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. A user may be able to view sensitive user information.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-12-15
CVE-2022-40000
Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page.
CVSS Score
5.4
EPSS Score
0.0
Published
2022-12-15
CVE-2022-40001
Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article page.
CVSS Score
5.4
EPSS Score
0.0
Published
2022-12-15
CVE-2022-40002
Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbirtary code via the callback parameter to /cms/notify.
CVSS Score
5.4
EPSS Score
0.0
Published
2022-12-15
CVE-2022-40373
Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 allows remote attackers to run arbitrary code via upload of crafted XML file.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-12-15
CVE-2022-42805
An integer overflow was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-12-15
CVE-2022-42821
A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Big Sur 11.7.2, macOS Ventura 13. An app may bypass Gatekeeper checks.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-12-15
CVE-2022-3427
The Corner Ad plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.56. This is due to missing or incorrect nonce validation on its corner_ad_settings_page function. This makes it possible for unauthenticated attackers to trigger the deletion of ads via forged request granted they can trick a site administrator into performing an action such as clicking on a link.
CVSS Score
8.8
EPSS Score
0.006
Published
2022-12-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved