CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39015
https://notcve.org/view.php?id=CVE-2023-39015
28 Jul 2023 — webmagic-extension v0.9.0 and below was discovered to contain a code injection vulnerability via the component us.codecraft.webmagic.downloader.PhantomJSDownloader. • https://github.com/code4craft/webmagic/issues/1122 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39021
https://notcve.org/view.php?id=CVE-2023-39021
28 Jul 2023 — wix-embedded-mysql v4.6.1 and below was discovered to contain a code injection vulnerability in the component com.wix.mysql.distribution.Setup.apply. • https://github.com/LetianYuan/My-CVE-Public-References/tree/main/com_wix_wix-embedded-mysql • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39018
https://notcve.org/view.php?id=CVE-2023-39018
28 Jul 2023 — FFmpeg 0.7.0 and below was discovered to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg. • https://github.com/bramp/ffmpeg-cli-wrapper/blob/master/src/main/java/net/bramp/ffmpeg/FFmpeg.java • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39022
https://notcve.org/view.php?id=CVE-2023-39022
28 Jul 2023 — oscore v2.2.6 and below was discovered to contain a code injection vulnerability in the component com.opensymphony.util.EJBUtils.createStateless. • https://github.com/LetianYuan/My-CVE-Public-References/tree/main/opensymphony_oscore • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39017
https://notcve.org/view.php?id=CVE-2023-39017
28 Jul 2023 — quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. • https://github.com/quartz-scheduler/quartz/issues/943 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39010
https://notcve.org/view.php?id=CVE-2023-39010
28 Jul 2023 — BoofCV 0.42 was discovered to contain a code injection vulnerability via the component boofcv.io.calibration.CalibrationIO.load. • https://github.com/lessthanoptimal/BoofCV/issues/406 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39020
https://notcve.org/view.php?id=CVE-2023-39020
28 Jul 2023 — stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. • https://github.com/LetianYuan/My-CVE-Public-References/tree/main/edu_stanford_nlp_stanford-parser • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39016
https://notcve.org/view.php?id=CVE-2023-39016
28 Jul 2023 — bboss-persistent v6.0.9 and below was discovered to contain a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool. • https://gitee.com/bboss/bboss/issues/I7MH08 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39013
https://notcve.org/view.php?id=CVE-2023-39013
28 Jul 2023 — Duke v1.2 and below was discovered to contain a code injection vulnerability via the component no.priv.garshol.duke.server.CommonJTimer.init. • https://github.com/larsga/Duke/issues/273 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32450
https://notcve.org/view.php?id=CVE-2023-32450
27 Jul 2023 — A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access. • https://www.dell.com/support/kbdoc/en-us/000215215/dsa-2023-181-dell-power-manager-security-update-for-an-improper-access-control-vulnerability • CWE-379: Creation of Temporary File in Directory with Insecure Permissions •