CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29307
https://notcve.org/view.php?id=CVE-2022-29307
12 May 2022 — IonizeCMS v1.0.8.1 was discovered to contain a command injection vulnerability via the function copy_lang_content in application/models/lang_model.php. Se ha detectado que IonizeCMS versión v1.0.8.1, contiene una vulnerabilidad de inyección de comandos por medio de la función copy_lang_content en el archivo application/models/lang_model.php • https://github.com/ionize/ionize/issues/405 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 0%CPEs: 14EXPL: 0CVE-2022-28234 – Adobe Acrobat Reader DC Heap Overflow Could Lead to RCE
https://notcve.org/view.php?id=CVE-2022-28234
11 May 2022 — Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a heap-based buffer overflow vulnerability due to insecure handling of a crafted .pdf file, potentially resulting in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-42651
https://notcve.org/view.php?id=CVE-2021-42651
11 May 2022 — A Server Side Template Injection (SSTI) vulnerability in Pentest-Collaboration-Framework v1.0.8 allows an authenticated remote attacker to execute arbitrary code through /project/PROJECTNAME/reports/. Una vulnerabilidad de tipo Server Side Template Injection (SSTI) en Pentest-Collaboration-Framework versión v1.0.8, permite a un atacante remoto autenticado ejecutar código arbitrario mediante /project/PROJECTNAME/reports/ • https://gitlab.com/invuls/pentest-projects/pcf/-/commit/67ca59ff668a4f361a0c6b1327287e484987b6f1 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 46EXPL: 0CVE-2021-46771
https://notcve.org/view.php?id=CVE-2021-46771
10 May 2022 — Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application. • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-28831 – Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-28831
10 May 2022 — Adobe InDesign versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb22-23.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-28833 – Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-28833
10 May 2022 — Adobe InDesign versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb22-23.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-28836 – Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-28836
10 May 2022 — Adobe InCopy versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/incopy/apsb22-28.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 10%CPEs: 4EXPL: 0CVE-2022-28835 – Adobe InCopy Font Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-28835
10 May 2022 — Adobe InCopy versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/incopy/apsb22-28.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-28834 – Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-28834
10 May 2022 — Adobe InCopy versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/incopy/apsb22-28.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-27532 – Autodesk 3DS Max TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-27532
10 May 2022 — This vulnerability in conjunction with other vulnerabilities could lead to arbitrary code execution. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0010 • CWE-787: Out-of-bounds Write •