Security Vulnerabilities - CVEs Published In 2022
A race condition can cause incorrect HTTP request routing.
CVSS Score: 3.7
EPSS Score: 0.001
Published: 2022-12-27

The dag-pb codec can panic when decoding invalid blocks.
CVSS Score: 7.5
EPSS Score: 0.002
Published: 2022-12-27

CSRF tokens are generated using math/rand, which is not a cryptographically secure random number generator, allowing an attacker to predict values and bypass CSRF protections with relatively few requests.
CVSS Score: 8.8
EPSS Score: 0.0
Published: 2022-12-27

Usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, which bypasses the expected behavior of the Same Origin Policy.
CVSS Score: 9.8
EPSS Score: 0.001
Published: 2022-12-27

Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
CVSS Score: 9.1
EPSS Score: 0.003
Published: 2022-12-27

Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector.
CVSS Score: 7.5
EPSS Score: 0.001
Published: 2022-12-27

Improper path sanitization in github.com/goadesign/goa before v3.0.9, v2.0.10, or v1.4.3 allows remote attackers to read files outside of the intended directory.
CVSS Score: 7.5
EPSS Score: 0.001
Published: 2022-12-27

Due to improper sanitization of user input, HTTPEngine.Handle allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read.
CVSS Score: 7.5
EPSS Score: 0.004
Published: 2022-12-27

Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
CVSS Score: 9.1
EPSS Score: 0.002
Published: 2022-12-27

Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
CVSS Score: 9.1
EPSS Score: 0.001
Published: 2022-12-27

