Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In 2022
CVE-2022-44636
The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models.
CVSS Score
4.6
EPSS Score
0.001
Published
2022-12-13
CVE-2022-45685
A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-12-13
CVE-2022-45688
A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
CVSS Score
7.5
EPSS Score
0.007
Published
2022-12-13
CVE-2022-45689
hutool-json v5.8.10 was discovered to contain an out of memory error.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-12-13
CVE-2022-45690
A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-12-13
CVE-2022-45693
Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-12-13
CVE-2022-45871
A Denial-of-Service (DoS) vulnerability was discovered in the fsicapd component used in WithSecure products whereby the service may crash while parsing ICAP request. The exploit can be triggered remotely by an attacker.
CVSS Score
4.3
EPSS Score
0.001
Published
2022-12-13
CVE-2022-46059
AeroCMS v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).
CVSS Score
6.5
EPSS Score
0.002
Published
2022-12-13
CVE-2022-46363
A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, and so the vulnerability can only arise if the CXF service is misconfigured.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-12-13
CVE-2021-32415
EXEMSI MSI Wrapper Versions prior to 10.0.50 and at least since version 6.0.91 will introduce a local privilege escalation vulnerability in installers it creates.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-12-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved