Security Vulnerabilities - CVEs Published In August 2022
Cleartext transmission of sensitive information vulnerability in authentication management in Synology Note Station Client before 2.2.2-609 allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors.
CVSS Score: 6.8 | EPSS Score: 0.001 | Published: 2022-08-03
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology SSO Server before 2.2.3-0331 allows remote authenticated users to read arbitrary files via unspecified vectors.
CVSS Score: 6.8 | EPSS Score: 0.002 | Published: 2022-08-03
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the "Browse Users" permission to view groups via an Information Disclosure vulnerability in the browsegroups.action endpoint. The affected versions are before version 4.22.2.
CVSS Score: 4.3 | EPSS Score: 0.002 | Published: 2022-08-03
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in webapi component in Synology DiskStation Manager (DSM) before 7.0.1-42218-3 allows remote authenticated users to execute arbitrary commands via unspecified vectors.
CVSS Score: 7.2 | EPSS Score: 0.016 | Published: 2022-08-03
The assertion `stmt->Dbc->FirstStmt' failed in MonetDB Database Server v11.43.13.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2022-08-03
An issue in the fetch_step function in Percona Server for MySQL v8.0.28-19 allows attackers to cause a Denial of Service (DoS) via a SQL query.
CVSS Score: 7.5 | EPSS Score: 0.004 | Published: 2022-08-03
PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2022-08-03
MilkyTracker v1.03.00 was discovered to contain a stack overflow via the component LoaderXM::load. This vulnerability is triggered when the program is supplied a crafted XM module file.
CVSS Score: 7.8 | EPSS Score: 0.001 | Published: 2022-08-03
JFinal CMS v5.1.0 was discovered to contain a SQL injection vulnerability via /system/user.
CVSS Score: 8.8 | EPSS Score: 0.002 | Published: 2022-08-03
Yuba u5cms v8.3.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component savepage.php. This vulnerability allows attackers to execute arbitrary code.
CVSS Score: 8.8 | EPSS Score: 0.003 | Published: 2022-08-03

