Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2022
CVE-2022-31414
D-Link DIR-1960 firmware DIR-1960_A1_1.11 was discovered to contain a buffer overflow via srtcat in prog.cgi. This vulnerability allowed attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
CVSS Score
7.5
EPSS Score
0.007
Published
2022-09-07
CVE-2022-36539
WeDayCare B.V Ouderapp before v1.1.22 allows attackers to alter the ID value within intercepted calls to gain access to data of other parents and children.
CVSS Score
7.5
EPSS Score
0.065
Published
2022-09-07
CVE-2022-36587
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-09-07
CVE-2022-36659
xhyve commit dfbe09b was discovered to contain a NULL pointer dereference via the component vi_pci_write(). This vulnerability allows attackers to cause a Denial of Service via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-09-07
CVE-2022-36660
xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pci_vtrnd_notify().
CVSS Score
9.8
EPSS Score
0.005
Published
2022-09-07
CVE-2022-36661
xhyve commit dfbe09b was discovered to contain a NULL pointer dereference via the component vi_pci_read(). This vulnerability allows attackers to cause a Denial of Service via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-09-07
CVE-2022-37780
Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the pingAddr parameter of the tracert function.
CVSS Score
7.2
EPSS Score
0.03
Published
2022-09-07
CVE-2022-37730
In ftcms 2.1, there is a Cross Site Request Forgery (CSRF) vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server (corresponding to the identity authentication information) as the victim without the victim's knowledge.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-09-07
CVE-2022-37731
ftcms 2.1 poster.PHP has a XSS vulnerability. The attacker inserts malicious JavaScript code into the web page, causing the user / administrator to trigger malicious code when accessing.
CVSS Score
6.1
EPSS Score
0.004
Published
2022-09-07
CVE-2022-3152
Unverified Password Change in GitHub repository phpfusion/phpfusion prior to 9.10.20.
CVSS Score
9.6
EPSS Score
0.003
Published
2022-09-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved