
CVSS: 5.5 • EPSS: 0% • CPEs: 3 • EXPL: 0

21 Mar 2023 — Multiple vulnerabilities have been found in Xen, the worst of which can lead to arbitrary code execution. • http://www.openwall.com/lists/oss-security/2023/03/21/3 •

CVSS: 7.8 • EPSS: 0% • CPEs: 4 • EXPL: 0

21 Mar 2023 — Multiple vulnerabilities have been found in Xen, the worst of which can lead to arbitrary code execution. • http://www.openwall.com/lists/oss-security/2023/03/21/1 • CWE-416: Use After Free •

CVSS: 8.6 • EPSS: 0% • CPEs: 4 • EXPL: 0

21 Mar 2023 — Multiple vulnerabilities have been found in Xen, the worst of which can lead to arbitrary code execution. • http://www.openwall.com/lists/oss-security/2023/03/21/2 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 6.5 • EPSS: 0% • CPEs: 4 • EXPL: 0

21 Mar 2023 — Multiple vulnerabilities have been found in Xen, the worst of which can lead to arbitrary code execution. • http://www.openwall.com/lists/oss-security/2023/03/21/2 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 5.5 • EPSS: 0% • CPEs: 77 • EXPL: 0

20 Mar 2023 — HTML Email Injection in Tribe29 Checkmk <=2.1.0p23; <=2.0.0p34, and all versions of Checkmk 1.6.0 allows an authenticated attacker to inject malicious HTML into emails. • https://checkmk.com/werk/15069 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') • CWE-138: Improper Neutralization of Special Elements •

CVSS: 7.8 • EPSS: 0% • CPEs: 3 • EXPL: 0

20 Mar 2023 — Improper Input Validation vulnerability in OTRS AG OTRS (ACL modules), OTRS AG ((OTRS)) Community Edition (ACL modules) allows Local Execution of Code. When creating/importing an ACL it was possible to inject code that gets executed via manipulated comments and ACL names. This issue affects OTRS: from 7.0.X before 7.0.42, from 8.0.X before 8.0.31; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34. • https://otrs.com/release-notes/otrs-security-advisory-2023-02 • CWE-20: Improper Input Validation • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

18 Mar 2023 — The manipulation leads to code injection. ... A code injection vulnerability can be exploited by manipulation with unknown data. • https://gitee.com/Hk_Cms/HkCms/issues/I6J7ZD • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 10.0 • EPSS: 1% • CPEs: 3 • EXPL: 0

16 Mar 2023 — GE Digital Proficy iFIX 2022, GE Digital Proficy iFIX v6.1, and GE Digital Proficy iFIX v6.5 are vulnerable to code injection, which may allow an attacker to insert malicious configuration files in the expected web server execution path and gain full control of the HMI software. • https://digitalsupport.ge.com/s/article/iFIX-Secure-Deployment-Guide?language=en_US • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.5 • EPSS: 0% • CPEs: 160 • EXPL: 0

16 Mar 2023 — A local malicious user with high privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. • https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5 • EPSS: 0% • CPEs: 160 • EXPL: 0

16 Mar 2023 — A local malicious user with high privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. • https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •