
CVSS: 9.8 | EPSS: 2% | CPEs: 1 | EXPL: 1

Versions of the package net.sourceforge.htmlunit:htmlunit from 0 and before 3.0.0 are vulnerable to Remote Code Execution (RCE) via XSLT when browsing the attacker's webpage. • https://github.com/HtmlUnit/htmlunit/commit/641325bbc84702dc9800ec7037aec061ce21956b https://security.snyk.io/vuln/SNYK-JAVA-NETSOURCEFORGEHTMLUNIT-3252500 https://siebene.github.io/2022/12/30/HtmlUnit-RCE • CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 8.8 | EPSS: 0% | CPEs: 2 | EXPL: 2

The Advanced Custom Fields (ACF) Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5.12.5 unserialize user-controllable data, which could allow users with a role of Contributor and above to perform PHP Object Injection when a suitable gadget is present. The Advanced Custom Fields plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 6.0.7 via deserialization of untrusted input in custom field values. This makes it possible for authenticated attackers with contributor-level permissions and above to inject a PHP Object. No POP chain appears to be present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. • https://wpscan.com/vulnerability/8e5ec88e-0e66-44e4-bbf2-74155d849ede https://wpscan.com/vulnerability/cf376ca2-92f6-44ff-929a-ace809460a33 • CWE-502: Deserialization of Untrusted Data

CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 1

The manipulation leads to code injection. ... By manipulating it with unknown data, a code injection vulnerability can be exploited. • https://gitee.com/galaxies2580/cve/blob/master/xinhuv2.3.2.md https://vuldb.com/?ctiid.224674 https://vuldb.com/?id.224674 • CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 9.8 | EPSS: 0% | CPEs: 2 | EXPL: 1

A specially crafted HTTP or TLS packet can lead to arbitrary code execution. • https://github.com/dlundquist/sniproxy/commit/f8d9a433fe22ab2fa15c00179048ab02ae23d583 https://lists.debian.org/debian-lts-announce/2023/04/msg00030.html https://talosintelligence.com/vulnerability_reports/TALOS-2023-1731 https://www.debian.org/security/2023/dsa-5413 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 1

The AnyMailing Joomla Plugin is vulnerable to unauthenticated remote code execution when a user is granted access to campaign creation on the front office, because an unrestricted file upload allows PHP code to be injected. This issue affects AnyMailing Joomla Plugin Enterprise in versions below 8.3.0. • https://www.acymailing.com/change-log https://www.bugbounty.ch/advisories/CVE-2023-28731 • CWE-20: Improper Input Validation, CWE-434: Unrestricted Upload of File with Dangerous Type