CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25818
https://notcve.org/view.php?id=CVE-2022-25818
08 Mar 2022 — Improper boundary check in UWB stack prior to SMR Mar-2022 Release 1 allows arbitrary code execution. • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=3 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2021-43944
https://notcve.org/view.php?id=CVE-2021-43944
08 Mar 2022 — This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary code via Template Injection leading to Remote Code Execution (RCE) in the Email Templates feature. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3. Este problema se presenta para documentar q... • https://jira.atlassian.com/browse/JRASERVER-73072 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 5CVE-2022-24715 – Arbitrary code execution for authenticated users in Icinga Web 2
https://notcve.org/view.php?id=CVE-2022-24715
08 Mar 2022 — Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2. Users unable to upgrade should limit access to the Icinga Web 2 configuration. Icinga Web 2 es una interfaz web de monitorización de código abierto, un framework y una interfaz de l... • https://packetstorm.news/files/id/173516 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25325
https://notcve.org/view.php?id=CVE-2022-25325
07 Mar 2022 — Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. • https://jvn.jp/en/vu/JVNVU90121984/index.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25234
https://notcve.org/view.php?id=CVE-2022-25234
07 Mar 2022 — Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. • https://jvn.jp/en/vu/JVNVU90121984/index.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25230
https://notcve.org/view.php?id=CVE-2022-25230
07 Mar 2022 — Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. • https://jvn.jp/en/vu/JVNVU90121984/index.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21219
https://notcve.org/view.php?id=CVE-2022-21219
07 Mar 2022 — Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. • https://jvn.jp/en/vu/JVNVU90121984/index.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21124
https://notcve.org/view.php?id=CVE-2022-21124
07 Mar 2022 — Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. • http://www.openwall.com/lists/oss-security/2022/06/14/4 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 2%CPEs: 5EXPL: 2CVE-2022-26485 – Mozilla Firefox Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2022-26485
07 Mar 2022 — Mozilla Firefox contains a use-after-free vulnerability in XSLT parameter processing which can be exploited to perform arbitrary code execution. • https://github.com/mistymntncop/CVE-2022-26485 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 2CVE-2022-26486 – Mozilla Firefox Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2022-26486
07 Mar 2022 — Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution. • https://bugzilla.mozilla.org/show_bug.cgi?id=1758070 • CWE-416: Use After Free •