Debian: Security Vulnerabilities
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with malicious SDP to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with `%`. Version 1.13.8 contains a patch for this issue.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-05-31
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS Score
7.8
EPSS Score
0.005
Published
2022-05-31
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVSS Score
7.8
EPSS Score
0.004
Published
2022-05-27
Use After Free in GitHub repository vim/vim prior to 8.2.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-05-27
A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-05-26
A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.
CVSS Score
9.8
EPSS Score
0.011
Published
2022-05-26
An improper authentication vulnerability exists in curl 7.33.0 up to and including 7.82.0 which might allow reuse of OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).
CVSS Score
8.1
EPSS Score
0.003
Published
2022-05-26
An XSS vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non-HTML-like responses.
CVSS Score
6.1
EPSS Score
0.003
Published
2022-05-26
An XSS vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes.
CVSS Score
6.1
EPSS Score
0.017
Published
2022-05-26
An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-05-26

