Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In 2022
CVE-2022-47946
An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. NOTE: later kernel versions, such as the 5.15 longterm series, substantially changed the implementation of io_sqpoll_wait_sq.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-12-23
CVE-2022-23854
AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server.
CVSS Score
7.5
EPSS Score
0.926
Published
2022-12-23
CVE-2022-47945
ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php.
CVSS Score
9.8
EPSS Score
0.885
Published
2022-12-23
CVE-2022-39164
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 235181.
CVSS Score
6.2
EPSS Score
0.0
Published
2022-12-23
CVE-2022-41290
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges. IBM X-Force ID: 236690.
CVSS Score
8.4
EPSS Score
0.0
Published
2022-12-23
CVE-2022-43848
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service. IBM X-Force ID: 239169.
CVSS Score
6.2
EPSS Score
0.0
Published
2022-12-23
CVE-2022-43849
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX pfcdd kernel extension to cause a denial of service. IBM X-Force ID: 239170.
CVSS Score
6.2
EPSS Score
0.0
Published
2022-12-23
CVE-2022-4692
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.
CVSS Score
7.1
EPSS Score
0.001
Published
2022-12-23
CVE-2022-45715
IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pLanPortRange and pWanPortRange parameters in the formSetPortMapping function.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-12-23
CVE-2022-45716
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formIPMacBindDel function.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-12-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved