CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-42885
https://notcve.org/view.php?id=CVE-2022-42885
21 Jul 2023 — A specially crafted malformed file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1668 • CWE-824: Access of Uninitialized Pointer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-44451
https://notcve.org/view.php?id=CVE-2022-44451
21 Jul 2023 — A specially crafted malformed file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1669 • CWE-824: Access of Uninitialized Pointer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-46280
https://notcve.org/view.php?id=CVE-2022-46280
21 Jul 2023 — A specially crafted malformed file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1670 • CWE-824: Access of Uninitialized Pointer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-43467
https://notcve.org/view.php?id=CVE-2022-43467
21 Jul 2023 — A specially crafted malformed file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1671 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-37331
https://notcve.org/view.php?id=CVE-2022-37331
21 Jul 2023 — A specially crafted malformed file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1672 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37903 – Sandbox Escape in vm2
https://notcve.org/view.php?id=CVE-2023-37903
21 Jul 2023 — This may result in Remote Code Execution, assuming the attacker has arbitrary code execution primitive inside the context of vm2 sandbox. • https://github.com/7h3h4ckv157/CVE-2023-37903 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-35087 – ASUS RT-AX56U V2 & RT-AC86U - Format String - 2
https://notcve.org/view.php?id=CVE-2023-35087
21 Jul 2023 — An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote arbitrary code execution, arbitrary system operation or disrupt service. This issue affects RT-AX56U V2: 3.0.0.4.386_50460; RT-AC86U: 3.0.0.4_386_51529. ... An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote arbitrary code execution, arbitrary system operation or disrupt service. • https://www.twcert.org.tw/tw/cp-132-7249-ab2d1-1.html • CWE-134: Use of Externally-Controlled Format String •
CVSS: 8.3EPSS: 0%CPEs: 4EXPL: 1CVE-2023-35086 – ASUS RT-AX56U V2 & RT-AC86U - Format String -1
https://notcve.org/view.php?id=CVE-2023-35086
21 Jul 2023 — A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service. • https://github.com/tin-z/CVE-2023-35086-POC • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28730
https://notcve.org/view.php?id=CVE-2023-28730
21 Jul 2023 — A memory corruption vulnerability Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. • https://industry.panasonic.eu/factory-automation/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28729
https://notcve.org/view.php?id=CVE-2023-28729
21 Jul 2023 — A type confusion vulnerability in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. • https://industry.panasonic.eu/factory-automation/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •