Total
2906 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-46101 | 1 Ayacms Project | 1 Ayacms | 2023-01-05 | N/A | 8.8 HIGH |
AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code. | |||||
CVE-2022-3033 | 1 Mozilla | 1 Thunderbird | 2023-01-03 | N/A | 8.1 HIGH |
If a Thunderbird user replied to a crafted HTML email containing a <code>meta</code> tag, with the <code>meta</code> tag having the <code>http-equiv="refresh"</code> attribute, and the content attribute specifying an URL, then Thunderbird started a network request to that URL, regardless of the configuration to block remote content. In combination with certain other HTML elements and attributes in the email, it was possible to execute JavaScript code included in the message in the context of the message compose document. The JavaScript code was able to perform actions including, but probably not limited to, read and modify the contents of the message compose document, including the quoted original message, which could potentially contain the decrypted plaintext of encrypted data in the crafted email. The contents could then be transmitted to the network, either to the URL specified in the META refresh tag, or to a different URL, as the JavaScript code could modify the URL specified in the document. This bug doesn't affect users who have changed the default Message Body display setting to 'simple html' or 'plain text'. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1. | |||||
CVE-2022-45942 | 1 Baijiacms Project | 1 Baijiacms | 2022-12-29 | N/A | 8.8 HIGH |
A Remote Code Execution (RCE) vulnerability was found in includes/baijiacms/common.inc.php in baijiacms v4. | |||||
CVE-2022-47896 | 1 Jetbrains | 1 Intellij Idea | 2022-12-29 | N/A | 7.8 HIGH |
In JetBrains IntelliJ IDEA before 2022.3.1 code Templates were vulnerable to SSTI attacks. | |||||
CVE-2021-39426 | 1 Seacms | 1 Seacms | 2022-12-21 | N/A | 9.8 CRITICAL |
An issue was discovered in /Upload/admin/admin_notify.php in Seacms 11.4 allows attackers to execute arbitrary php code via the notify1 parameter when the action parameter equals set. | |||||
CVE-2022-4223 | 2 Fedoraproject, Postgresql | 2 Fedora, Pgadmin | 2022-12-19 | N/A | 8.8 HIGH |
The pgAdmin server includes an HTTP API that is intended to be used to validate the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. The utility is executed by the server to determine what PostgreSQL version it is from. Versions of pgAdmin prior to 6.17 failed to properly secure this API, which could allow an unauthenticated user to call it with a path of their choosing, such as a UNC path to a server they control on a Windows machine. This would cause an appropriately named executable in the target path to be executed by the pgAdmin server. | |||||
CVE-2022-23503 | 1 Typo3 | 1 Typo3 | 2022-12-16 | N/A | 8.8 HIGH |
TYPO3 is an open source PHP based web content management system. Versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are vulnerable to Code Injection. Due to the lack of separating user-submitted data from the internal configuration in the Form Designer backend module, it is possible to inject code instructions to be processed and executed via TypoScript as PHP code. The existence of individual TypoScript instructions for a particular form item and a valid backend user account with access to the form module are needed to exploit this vulnerability. This issue is patched in versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1. | |||||
CVE-2022-44702 | 1 Microsoft | 3 Terminal, Windows 10, Windows 11 | 2022-12-16 | N/A | 7.8 HIGH |
Windows Terminal Remote Code Execution Vulnerability. | |||||
CVE-2022-41264 | 1 Sap | 1 Basis | 2022-12-15 | N/A | 8.8 HIGH |
Due to the unrestricted scope of the RFC function module, SAP BASIS - versions 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, 791, allows an authenticated non-administrator attacker to access a system class and execute any of its public methods with parameters provided by the attacker. On successful exploitation the attacker can have full control of the system to which the class belongs, causing a high impact on the integrity of the application. | |||||
CVE-2022-37905 | 1 Arubanetworks | 12 7005, 7008, 7010 and 9 more | 2022-12-15 | N/A | 8.8 HIGH |
Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to execute arbitrary code during the boot sequence. Successful exploitation could allow an attacker to achieve permanent modification of the underlying operating system. | |||||
CVE-2022-37904 | 1 Arubanetworks | 12 7005, 7008, 7010 and 9 more | 2022-12-14 | N/A | 8.8 HIGH |
Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to execute arbitrary code during the boot sequence. Successful exploitation could allow an attacker to achieve permanent modification of the underlying operating system. | |||||
CVE-2022-20686 | 1 Cisco | 6 Ata 190, Ata 190 Firmware, Ata 191 and 3 more | 2022-12-14 | N/A | 5.3 MEDIUM |
Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause the LLDP service to restart. These vulnerabilities are due to missing length validation of certain LLDP packet header fields. An attacker could exploit these vulnerabilities by sending a malicious LLDP packet to an affected device. A successful exploit could allow the attacker to execute code on the affected device and cause LLDP to restart unexpectedly, resulting in a denial of service (DoS) condition. | |||||
CVE-2022-46157 | 1 Akeneo | 1 Product Information Management | 2022-12-14 | N/A | 8.8 HIGH |
Akeneo PIM is an open source Product Information Management (PIM). Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allows remote authenticated users to execute arbitrary PHP code on the server by uploading a crafted image. Akeneo PIM Community Edition after the versions aforementioned provides patched Apache HTTP server configuration file, for docker setup and in documentation sample, to fix this vulnerability. Community Edition users must change their Apache HTTP server configuration accordingly to be protected. The patch for Cloud Based Akeneo PIM Services customers has been applied since 30th October 2022. Users are advised to upgrade. Users unable to upgrade may Replace any reference to `<FilesMatch \.php$>` in their apache httpd configurations with: `<Location "/index.php">`. | |||||
CVE-2020-8218 | 1 Pulsesecure | 2 Pulse Connect Secure, Pulse Policy Secure | 2022-12-13 | 6.5 MEDIUM | 7.2 HIGH |
A code injection vulnerability exists in Pulse Connect Secure <9.1R8 that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface. | |||||
CVE-2021-29472 | 3 Debian, Fedoraproject, Getcomposer | 3 Debian Linux, Fedora, Composer | 2022-12-13 | 6.5 MEDIUM | 8.8 HIGH |
Composer is a dependency manager for PHP. URLs for Mercurial repositories in the root composer.json and package source download URLs are not sanitized correctly. Specifically crafted URL values allow code to be executed in the HgDriver if hg/Mercurial is installed on the system. The impact to Composer users directly is limited as the composer.json file is typically under their own control and source download URLs can only be supplied by third party Composer repositories they explicitly trust to download and execute source code from, e.g. Composer plugins. The main impact is to services passing user input to Composer, including Packagist.org and Private Packagist. This allowed users to trigger remote code execution. The vulnerability has been patched on Packagist.org and Private Packagist within 12h of receiving the initial vulnerability report and based on a review of logs, to the best of our knowledge, was not abused by anyone. Other services/tools using VcsRepository/VcsDriver or derivatives may also be vulnerable and should upgrade their composer/composer dependency immediately. Versions 1.10.22 and 2.0.13 include patches for this issue. | |||||
CVE-2022-46166 | 1 Codecentric | 1 Spring Boot Admin | 2022-12-13 | N/A | 9.8 CRITICAL |
Spring boot admins is an open source administrative user interface for management of spring boot applications. All users who run Spring Boot Admin Server, having enabled Notifiers (e.g. Teams-Notifier) and write access to environment variables via UI are affected. Users are advised to upgrade to the most recent releases of Spring Boot Admin 2.6.10 and 2.7.8 to resolve this issue. Users unable to upgrade may disable any notifier or disable write access (POST request) on `/env` actuator endpoint. | |||||
CVE-2022-43660 | 1 Sixapart | 1 Movable Type | 2022-12-12 | N/A | 7.2 HIGH |
Improper neutralization of Server-Side Includes (SSW) within a web page in Movable Type series allows a remote authenticated attacker with Privilege of 'Manage of Content Types' may execute an arbitrary Perl script and/or an arbitrary OS command. Affected products/versions are as follows: Movable Type 7 r.5301 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.5301 and earlier (Movable Type Advanced 7 Series), Movable Type Premium 1.53 and earlier, and Movable Type Premium Advanced 1.53 and earlier. | |||||
CVE-2022-46742 | 1 Paddlepaddle | 1 Paddlepaddle | 2022-12-08 | N/A | 9.8 CRITICAL |
Code injection in paddle.audio.functional.get_window in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution. | |||||
CVE-2022-41205 | 2 Microsoft, Sap | 2 Windows, Gui | 2022-12-08 | N/A | 6.1 MEDIUM |
SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful exploitation, the attacker can gain access to registries which can cause a limited impact on confidentiality and high impact on availability of the application. | |||||
CVE-2022-29221 | 3 Debian, Fedoraproject, Smarty | 3 Debian Linux, Fedora, Smarty | 2022-12-08 | 6.5 MEDIUM | 8.8 HIGH |
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. There are currently no known workarounds. |