Fedoraproject >> Fedora >> 37: Security Vulnerabilities
FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in the `drive` channel. A malicious server can trick a FreeRDP-based client into reading out-of-bounds data and sending it back to the server. This issue has been addressed in version 2.9.0 and all users are advised to upgrade. Users unable to upgrade should not use the drive redirection channel (command line options `/drive`, `+drives` or `+home-drive`).
CVSS Score
4.6
EPSS Score
0.001
Published
2022-11-16
GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-11-14
Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS).
CVSS Score
7.8
EPSS Score
0.0
Published
2022-11-12
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
CVSS Score
5.8
EPSS Score
0.001
Published
2022-11-11
xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions.
CVSS Score
9.8
EPSS Score
0.036
Published
2022-11-10
Netlogon RPC Elevation of Privilege Vulnerability
CVSS Score
8.1
EPSS Score
0.003
Published
2022-11-09
Windows Kerberos Elevation of Privilege Vulnerability
CVSS Score
7.2
EPSS Score
0.022
Published
2022-11-09
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
CVSS Score
8.1
EPSS Score
0.007
Published
2022-11-09
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-11-09
In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-11-09

