Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2022
JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVSS Score
9.8
EPSS Score
0.012
Published
2022-09-19
Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Score
5.5
EPSS Score
0.004
Published
2022-09-19
The d8s-archives for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0.
CVSS Score
9.8
EPSS Score
0.012
Published
2022-09-19
The d8s-json for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0.
CVSS Score
9.8
EPSS Score
0.012
Published
2022-09-19
The d8s-math for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0.
CVSS Score
9.8
EPSS Score
0.012
Published
2022-09-19
The d8s-grammars for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0.
CVSS Score
9.8
EPSS Score
0.012
Published
2022-09-19
The d8s-netstrings for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0.
CVSS Score
9.8
EPSS Score
0.012
Published
2022-09-19
The d8s-xml for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0.
CVSS Score
9.8
EPSS Score
0.012
Published
2022-09-19
The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The democritus-strings package. The affected version is 0.1.0.
CVSS Score
9.8
EPSS Score
0.012
Published
2022-09-19
The d8s-html for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0.
CVSS Score
9.8
EPSS Score
0.01
Published
2022-09-19


Contact Us

Shodan ® - All rights reserved