Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In 2022
CVE-2022-3114
An issue was discovered in the Linux kernel through 5.16-rc6. imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-12-14
CVE-2022-3115
An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-12-14
CVE-2022-38488
logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username parameter.
CVSS Score
9.8
EPSS Score
0.068
Published
2022-12-14
CVE-2022-3104
An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-12-14
CVE-2022-3105
An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().
CVSS Score
5.5
EPSS Score
0.0
Published
2022-12-14
CVE-2022-3106
An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().
CVSS Score
5.5
EPSS Score
0.0
Published
2022-12-14
CVE-2022-3107
An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-12-14
CVE-2022-2601
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.
CVSS Score
8.6
EPSS Score
0.001
Published
2022-12-14
CVE-2022-31702
vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without authentication.
CVSS Score
9.8
EPSS Score
0.01
Published
2022-12-14
CVE-2022-31703
The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-12-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved