CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29550 – Qualys Cloud Agent Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2022-29550
18 Aug 2022 — The Unqork Security team discovered multiple security vulnerabilities in the Qualys Cloud Agent including arbitrary code execution. • http://packetstormsecurity.com/files/168367/Qualys-Cloud-Agent-Arbitrary-Code-Execution.html • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 8.8EPSS: 0%CPEs: 32EXPL: 0CVE-2024-27834 – Apple Safari Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-27834
18 Aug 2022 — If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. • http://seclists.org/fulldisclosure/2024/May/10 • CWE-277: Insecure Inherited Permissions CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-35516
https://notcve.org/view.php?id=CVE-2022-35516
17 Aug 2022 — DedeCMS v5.7.93 - v5.7.96 was discovered to contain a remote code execution vulnerability in login.php. Se ha detectado que DedeCMS versiones v5.7.93 - v5.7.96, contienen una vulnerabilidad de ejecución de código remota en el archivo login.php. • https://github.com/whitehatl/Vulnerability/blob/main/web/dedecms/5.7.93/Login.poc.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1CVE-2022-36216
https://notcve.org/view.php?id=CVE-2022-36216
17 Aug 2022 — DedeCMS v5.7.94 - v5.7.97 was discovered to contain a remote code execution vulnerability in member_toadmin.php. Se ha detectado que DedeCMS versiones v5.7.94 - v5.7.97, contienen una vulnerabilidad de ejecución de código remota en el archivo member_toadmin.php. • https://github.com/whitehatl/Vulnerability/blob/main/web/dedecms/5.7.94/member_toadmin.poc.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-36186 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2022-36186
17 Aug 2022 — Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. • https://github.com/gpac/gpac/issues/2223 • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-36190 – Debian Security Advisory 5411-1
https://notcve.org/view.php?id=CVE-2022-36190
17 Aug 2022 — Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. • https://github.com/gpac/gpac/issues/2220 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-36191 – Debian Security Advisory 5411-1
https://notcve.org/view.php?id=CVE-2022-36191
17 Aug 2022 — Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. • https://github.com/gpac/gpac/issues/2218 • CWE-787: Out-of-bounds Write •
CVSS: 6.4EPSS: 0%CPEs: 20EXPL: 0CVE-2022-34257 – Adobe Commerce Stored XSS Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-34257
16 Aug 2022 — Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Adobe Commerce versiones 2.4.3-p2 (y anteriores), 2.3.7-p3 (y anteriores) y 2.4.4 (y anteriores) están afectadas por una vulnerabilidad d... • https://helpx.adobe.com/security/products/magento/apsb22-38.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 20EXPL: 0CVE-2022-34253 – Adobe Commerce XML Injection Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-34253
16 Aug 2022 — Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution. Exploitation of this issue does not require user interaction. Adobe Commerce versiones 2.4.3-p2 (y anteriores), 2.3.7-p3 (y anteriores) y 2.4.4 (y anteriores) están afectadas por una vulnerabilidad de inyección XML en el módulo de widgets. ... • https://helpx.adobe.com/security/products/magento/apsb22-38.html • CWE-91: XML Injection (aka Blind XPath Injection) •
CVSS: 9.0EPSS: 0%CPEs: 20EXPL: 0CVE-2022-34254 – Adobe Commerce Improper Limitation of a Pathname to a Restricted Directory Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-34254
16 Aug 2022 — Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could be abused by an attacker to inject malicious scripts into the vulnerable endpoint. A low privileged attacker could leverage this vulnerability to read local files and to perform Stored XSS. Exploitation of this issue does not require user interaction. Adobe Commerce versiones 2.4.3-p2 (y anter... • https://helpx.adobe.com/security/products/magento/apsb22-38.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •