CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 2CVE-2022-32271
https://notcve.org/view.php?id=CVE-2022-32271
03 Jun 2022 — In Real Player 20.0.8.310, there is a DCP:// URI Remote Arbitrary Code Execution Vulnerability. • https://github.com/Edubr2020/RP_DCP_Code_Exec • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2022-32269
https://notcve.org/view.php?id=CVE-2022-32269
03 Jun 2022 — This leads to arbitrary code execution. • https://github.com/Edubr2020/RealPlayer_G2_RCE • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-26869
https://notcve.org/view.php?id=CVE-2022-26869
02 Jun 2022 — A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and arbitrary code execution. • https://www.dell.com/support/kbdoc/000196367 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26944 – Gentoo Linux Security Advisory 202408-15
https://notcve.org/view.php?id=CVE-2022-26944
02 Jun 2022 — NOTA: este problema se presenta debido a una corrección incompleta de CVE-2020-10997 Multiple vulnerabilities have been discovered in Percona XtraBackup, the worst of which could lead to arbitrary code execution. • https://docs.percona.com/percona-xtrabackup/2.4/release-notes/2.4/2.4.25.html •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32019
https://notcve.org/view.php?id=CVE-2022-32019
02 Jun 2022 — Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via car-rental-management-system/admin/ajax.php? • https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/RCE-1.md • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32020
https://notcve.org/view.php?id=CVE-2022-32020
02 Jun 2022 — Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via ip/car-rental-management-system/admin/ajax.php? • https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/RCE-2.md •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-1968 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-1968
02 Jun 2022 — An attacker could potentially use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-26634 – Maxboard multiple vulnerabilities
https://notcve.org/view.php?id=CVE-2021-26634
01 Jun 2022 — SQL injection and file upload attacks are possible due to insufficient validation of input values in some parameters and variables of files compromising Maxboard, which may lead to arbitrary code execution or privilege escalation. • https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66746 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-288: Authentication Bypass Using an Alternate Path or Channel CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 4.3EPSS: 0%CPEs: 17EXPL: 1CVE-2022-30115 – Gentoo Linux Security Advisory 202212-01
https://notcve.org/view.php?id=CVE-2022-30115
01 Jun 2022 — O al revés, si el endpoint estuviera en la caché HSTS y *no* es usado el punto al final en la URL Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. • http://www.openwall.com/lists/oss-security/2022/10/26/4 • CWE-319: Cleartext Transmission of Sensitive Information CWE-325: Missing Cryptographic Step •
CVSS: 5.3EPSS: 0%CPEs: 18EXPL: 1CVE-2022-27779 – Gentoo Linux Security Advisory 202212-01
https://notcve.org/view.php?id=CVE-2022-27779
01 Jun 2022 — Esta comprobación no funcionaba si el nombre del host en la URL usaba un punto al final, lo que podía permitir que sitios arbitrarios establecieran cookies que sean enviadas a un sitio o dominio diferente y no relacionado Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. • https://hackerone.com/reports/1553301 • CWE-201: Insertion of Sensitive Information Into Sent Data •