Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2022
CVE-2022-23395
jQuery Cookie 1.4.1 is affected by prototype pollution, which can lead to DOM cross-site scripting (XSS).
CVSS Score
6.1
EPSS Score
0.003
Published
2022-03-02
CVE-2022-22303
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiManager versions prior to 7.0.2, 6.4.7 and 6.2.9 may allow a low privileged authenticated user to gain access to the FortiGate users credentials via the config conflict file.
CVSS Score
2.8
EPSS Score
0.001
Published
2022-03-02
CVE-2021-44166
An improper access control vulnerability [CWE-284 ] in FortiToken Mobile (Android) external push notification 5.1.0 and below may allow a remote attacker having already obtained a user's password to access the protected system during the 2FA procedure, even though the deny button is clicked by the legitimate user.
CVSS Score
4.1
EPSS Score
0.002
Published
2022-03-02
CVE-2022-22301
An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiAP-C console 5.4.0 through 5.4.3, 5.2.0 through 5.2.1 may allow an authenticated attacker to execute unauthorized commands by running CLI commands with specifically crafted arguments.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-03-02
CVE-2022-0577
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-03-02
CVE-2021-45860
An integer overflow in DTSStreamReader::findFrame() of tsMuxer git-2678966 allows attackers to cause a Denial of Service (DoS) via a crafted file.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-03-02
CVE-2021-45861
There is an Assertion `num <= INT_BIT' failed at BitStreamReader::skipBits in /bitStream.h:132 of tsMuxer git-c6a0277.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-03-02
CVE-2021-45863
tsMuxer git-2678966 was discovered to contain a heap-based buffer overflow via the function HevcUnit::updateBits in hevc.cpp.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-03-02
CVE-2021-45864
tsMuxer git-c6a0277 was discovered to contain a segmentation fault via DTSStreamReader::findFrame in dtsStreamReader.cpp.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-03-02
CVE-2022-25050
rtl_433 21.12 was discovered to contain a stack overflow in the function somfy_iohc_decode(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.
CVSS Score
5.5
EPSS Score
0.004
Published
2022-03-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved