CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25539
https://notcve.org/view.php?id=CVE-2023-25539
31 May 2023 — Dell NetWorker 19.6.1.2, contains an OS command injection Vulnerability in the NetWorker client. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. This is a high severity vulnerability as the exploitation allows an attacker to take complete control of a system, so Dell recommends customers to upgrade at the earliest opportunity. Dell NetWorker... • https://www.dell.com/support/kbdoc/en-us/000211267/dsa-2023-060-dell-networker-security-update-for-an-nsrcapinfo-vulnerability • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 83%CPEs: 1EXPL: 5CVE-2023-2068 – File Manager Advanced Shortcode <= 2.3.2 - Unauthenticated Remote Code Execution through shortcode
https://notcve.org/view.php?id=CVE-2023-2068
31 May 2023 — The File Manager Advanced Shortcode WordPress plugin through 2.3.2 does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to RCE in cases where the allowed MIME type list does not include PHP files. In the worst case, this is available to unauthenticated users. The File Manager Advanced Shortcode WordPress plugin for WordPress is vulnerable to remote code execution in versions up to, and including, 2.3.2. This is due to the plugin allowing users to upload... • https://packetstorm.news/files/id/173735 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33234 – Apache Airflow CNCF Kubernetes Provider: KubernetesPodOperator RCE via connection configuration
https://notcve.org/view.php?id=CVE-2023-33234
30 May 2023 — Arbitrary code execution in Apache Airflow CNCF Kubernetes provider version 5.0.0 allows user to change xcom sidecar image and resources via Airflow connection. • https://lists.apache.org/thread/n1vpgl6h2qsdm52o9m2tx1oo86tl4gnq • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32692 – Remote Code Execution Vulnerability in Validation Placeholders
https://notcve.org/view.php?id=CVE-2023-32692
30 May 2023 — CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5. CodeIgniter es un framework web PHP full-stack. • https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32380 – Apple Security Advisory 2023-05-18-3
https://notcve.org/view.php?id=CVE-2023-32380
30 May 2023 — Processing a 3D model may lead to arbitrary code execution. macOS Monterey 12.6.6 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213758 • CWE-787: Out-of-bounds Write •
CVSS: 9.4EPSS: 0%CPEs: 4EXPL: 1CVE-2023-25734 – Gentoo Linux Security Advisory 202305-35
https://notcve.org/view.php?id=CVE-2023-25734
30 May 2023 — Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. • https://bugzilla.mozilla.org/show_bug.cgi?id=1784451 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28159 – Gentoo Linux Security Advisory 202305-35
https://notcve.org/view.php?id=CVE-2023-28159
30 May 2023 — Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. • https://bugzilla.mozilla.org/show_bug.cgi?id=1783561 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28163 – Gentoo Linux Security Advisory 202305-35
https://notcve.org/view.php?id=CVE-2023-28163
30 May 2023 — Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. • https://bugzilla.mozilla.org/show_bug.cgi?id=1817768 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-29544 – Gentoo Linux Security Advisory 202305-35
https://notcve.org/view.php?id=CVE-2023-29544
30 May 2023 — Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. • https://bugzilla.mozilla.org/show_bug.cgi?id=1818781 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25748 – Gentoo Linux Security Advisory 202305-35
https://notcve.org/view.php?id=CVE-2023-25748
30 May 2023 — Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. • https://bugzilla.mozilla.org/show_bug.cgi?id=1798798 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •