Total
2906 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-32820 | 1 Express Handlebars Project | 1 Express Handlebars | 2022-07-02 | 5.0 MEDIUM | 8.6 HIGH |
| Express-handlebars is a Handlebars view engine for Express. Express-handlebars mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability is somewhat restricted in that only files with existing extentions (i.e. file.extension) can be included, files that lack an extension will have .handlebars appended to them. For complete details refer to the referenced GHSL-2021-018 report. Notes in documentation have been added to help users avoid this potential information exposure vulnerability. | |||||
| CVE-2021-32822 | 1 Hbs Project | 1 Hbs | 2022-07-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options a file disclosure vulnerability may be triggered in downstream applications. For an example PoC see the referenced GHSL-2021-020. | |||||
| CVE-2020-6318 | 1 Sap | 1 Abap Platform | 2022-07-01 | 6.5 MEDIUM | 7.2 HIGH |
| A Remote Code Execution vulnerability exists in the SAP NetWeaver (ABAP Server, up to release 7.40) and ABAP Platform (> release 7.40).Because of this, an attacker can exploit these products via Code Injection, and potentially enabling to take complete control of the products, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the products to terminate. | |||||
| CVE-2022-1517 | 1 Illumina | 8 Iseq 100, Local Run Manager, Miniseq and 5 more | 2022-07-01 | 10.0 HIGH | 9.8 CRITICAL |
| LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at the operating system level, which can allow an attacker to change settings, configurations, software, or access sensitive data on the affected produc. An attacker could also exploit this vulnerability to access APIs not intended for general use and interact through the network. | |||||
| CVE-2017-20095 | 1 Simple Ads Manager Project | 1 Simple Ads Manager | 2022-06-29 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability classified as critical was found in Simple Ads Manager Plugin. This vulnerability affects unknown code. The manipulation leads to code injection. The attack can be initiated remotely. | |||||
| CVE-2017-20086 | 1 Automattic | 1 Vaultpress | 2022-06-29 | 6.0 MEDIUM | 7.5 HIGH |
| A vulnerability, which was classified as critical, was found in VaultPress Plugin 1.8.4. This affects an unknown part. The manipulation leads to code injection. It is possible to initiate the attack remotely. | |||||
| CVE-2021-41402 | 1 Flatcore | 1 Flatcore-cms | 2022-06-28 | 6.5 MEDIUM | 8.8 HIGH |
| flatCore-CMS v2.0.8 has a code execution vulnerability, which could let a remote malicious user execute arbitrary PHP code. | |||||
| CVE-2017-20064 | 1 Elefantcms | 1 Elefant Cms | 2022-06-27 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability was found in Elefant CMS 1.3.12-RC. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /designer/add/layout. The manipulation leads to code injection. The attack can be launched remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2021-39402 | 1 Maianmedia | 1 Maianaffiliate | 2022-06-27 | 6.5 MEDIUM | 7.2 HIGH |
| MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel. The injected payload is reflected on the affiliate main page for all authenticated and unauthenticated visitors. | |||||
| CVE-2022-30141 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-06-24 | 9.3 HIGH | 8.1 HIGH |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. | |||||
| CVE-2018-1275 | 2 Oracle, Vmware | 19 Application Testing Suite, Big Data Discovery, Communications Converged Application Server and 16 more | 2022-06-23 | 7.5 HIGH | 9.8 CRITICAL |
| Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework. | |||||
| CVE-2018-1270 | 4 Debian, Oracle, Redhat and 1 more | 28 Debian Linux, Application Testing Suite, Big Data Discovery and 25 more | 2022-06-23 | 7.5 HIGH | 9.8 CRITICAL |
| Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. | |||||
| CVE-2017-16544 | 5 Busybox, Canonical, Debian and 2 more | 8 Busybox, Ubuntu Linux, Debian Linux and 5 more | 2022-06-20 | 6.5 MEDIUM | 8.8 HIGH |
| In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. | |||||
| CVE-2022-0885 | 1 Memberhero | 1 Member Hero | 2022-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| The Member Hero WordPress plugin through 1.0.9 lacks authorization checks, and does not validate the a request parameter in an AJAX action, allowing unauthenticated users to call arbitrary PHP functions with no arguments. | |||||
| CVE-2021-41749 | 1 Nystudio107 | 1 Seomatic | 2022-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| In the SEOmatic plugin up to 3.4.11 for Craft CMS 3, it is possible for unauthenticated attackers to perform a Server-Side Template Injection, allowing for remote code execution. | |||||
| CVE-2022-24429 | 1 Convert-svg-core Project | 1 Convert-svg-core | 2022-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| The package convert-svg-core before 0.6.3 are vulnerable to Arbitrary Code Injection when using a specially crafted SVG file. An attacker can read arbitrary files from the file system and then show the file content as a converted PNG file. | |||||
| CVE-2022-21122 | 1 Metarhia | 1 Metacalc | 2022-06-16 | 7.5 HIGH | 9.8 CRITICAL |
| The package metacalc before 0.0.2 are vulnerable to Arbitrary Code Execution when it exposes JavaScript's Math class to the v8 context. As the Math class is exposed to user-land, it can be used to get access to JavaScript's Function constructor. | |||||
| CVE-2022-2014 | 1 Diagrams | 1 Drawio | 2022-06-15 | 3.5 LOW | 5.4 MEDIUM |
| Code Injection in GitHub repository jgraph/drawio prior to 19.0.2. | |||||
| CVE-2022-30877 | 1 Keep Project | 1 Keep | 2022-06-15 | 7.5 HIGH | 9.8 CRITICAL |
| The keep for python, as distributed on PyPI, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.2. | |||||
| CVE-2021-21480 | 1 Sap | 1 Manufacturing Integration And Intelligence | 2022-06-13 | 9.0 HIGH | 8.8 HIGH |
| SAP MII allows users to create dashboards and save them as JSP through the SSCE (Self Service Composition Environment). An attacker can intercept a request to the server, inject malicious JSP code in the request and forward to server. When this dashboard is opened by users having at least SAP_XMII Developer role, malicious content in the dashboard gets executed, leading to remote code execution in the server, which allows privilege escalation. The malicious JSP code can contain certain OS commands, through which an attacker can read sensitive files in the server, modify files or even delete contents in the server thus compromising the confidentiality, integrity and availability of the server hosting the SAP MII application. Also, an attacker authenticated as a developer can use the application to upload and execute a file which will permit them to execute operating systems commands completely compromising the server hosting the application. | |||||