Security Vulnerabilities
- CVEs Published In August 2022
Authenticated IDOR vulnerability in the StoreApps Affiliate For WooCommerce premium plugin <= 4.7.0 for WordPress allows an attacker to change the PayPal email. The free WooCommerce PayPal Payments plugin must be at least installed for the extra input field to appear on the user profile page.
Broken Authentication vulnerability in the JumpDEMAND Inc. ActiveDEMAND plugin <= 0.2.27 for WordPress allows unauthenticated post update/create/delete.
PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via an implicit intent.
PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via an implicit intent.
Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows an attacker to access some files with Samsung Notes permission.
Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22, 3.4.22 and 3.5.51 allows attackers to access external storage with Cameralyzer privilege.
Cross-Site Request Forgery (CSRF) vulnerability in the MailerLite – Signup forms (official) plugin <= 1.5.7 for WordPress allows an attacker to change the API key.
Improper access control vulnerability in SemWifiApBroadcastReceiver prior to SMR Aug-2022 Release 1 allows an attacker to reset a setting value related to mobile hotspot.
Improper access control and path traversal vulnerability in LauncherProvider prior to SMR Aug-2022 Release 1 allows a local attacker to access files of One UI.
An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows a local attacker to read uninitialized memory.