Shodan
Vulnerabilities
Vulnerable Software
Fedoraproject:  Security Vulnerabilities
CVE-2022-2288
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.
CVSS Score
7.8
EPSS Score
0.004
Published
2022-07-03
CVE-2022-2287
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVSS Score
8.0
EPSS Score
0.001
Published
2022-07-02
CVE-2022-34911
An issue was discovered in MediaWiki before 1.35.7, 1.36.x and 1.37.x before 1.37.3, and 1.38.x before 1.38.1. XSS can occur in configurations that allow a JavaScript payload in a username. After account creation, when it sets the page title to "Welcome" followed by the username, the username is not escaped: SpecialCreateAccount::successfulAction() calls ::showSuccessPage() with a message as second parameter, and OutputPage::setPageTitle() uses text().
CVSS Score
6.1
EPSS Score
0.004
Published
2022-07-02
CVE-2022-34912
An issue was discovered in MediaWiki before 1.37.3 and 1.38.x before 1.38.1. The contributions-title, used on Special:Contributions, is used as page title without escaping. Hence, in a non-default configuration where a username contains HTML entities, it won't be escaped.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-07-02
CVE-2022-2286
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-07-02
CVE-2022-2285
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-07-02
CVE-2022-2284
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-07-02
CVE-2022-34903
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
CVSS Score
6.5
EPSS Score
0.024
Published
2022-07-01
CVE-2022-32325
JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-07-01
CVE-2022-32081
MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-07-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved