CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-4315 – NYUCCL psiTurk experiment.py special elements used in a template engine
https://notcve.org/view.php?id=CVE-2021-4315
28 Jan 2023 — A vulnerability has been found in NYUCCL psiTurk up to 3.2.0 and classified as critical. This vulnerability affects unknown code of the file psiturk/experiment.py. The manipulation of the argument mode leads to improper neutralization of special elements used in a template engine. The exploit has been disclosed to the public and may be used. Upgrading to version 3.2.1 is able to address this issue. • https://github.com/NYUCCL/psiTurk/commit/47787e15cecd66f2aa87687bf852ae0194a4335f • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46356
https://notcve.org/view.php?id=CVE-2022-46356
27 Jan 2023 — Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure. • https://support.hp.com/us-en/document/ish_7334353-7334378-16 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46357
https://notcve.org/view.php?id=CVE-2022-46357
27 Jan 2023 — Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure. • https://support.hp.com/us-en/document/ish_7334353-7334378-16 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46358
https://notcve.org/view.php?id=CVE-2022-46358
27 Jan 2023 — Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure. • https://support.hp.com/us-en/document/ish_7334353-7334378-16 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46359
https://notcve.org/view.php?id=CVE-2022-46359
27 Jan 2023 — Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure. • https://support.hp.com/us-en/document/ish_7334353-7334378-16 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-22242 – ZDI-CAN-19515: Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-22242
27 Jan 2023 — Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/acrobat/apsb23-01.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-22241 – ZDI-CAN-19516: Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-22241
27 Jan 2023 — Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/acrobat/apsb23-01.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-22240 – ZDI-CAN-19517: Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-22240
27 Jan 2023 — Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/acrobat/apsb23-01.html • CWE-787: Out-of-bounds Write •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 1CVE-2023-23619 – Improper Control of Generation of Code ('Code Injection') in @asyncapi/modelina
https://notcve.org/view.php?id=CVE-2023-23619
26 Jan 2023 — Versions prior to 1.0.0 are vulnerable to Code injection. • https://github.com/asyncapi/modelina/security/advisories/GHSA-4jg2-84c2-pj95 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42330 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2022-42330
26 Jan 2023 — Multiple vulnerabilities have been found in Xen, the worst of which can lead to arbitrary code execution. • https://security.gentoo.org/glsa/202402-07 •