CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 4CVE-2021-46063
https://notcve.org/view.php?id=CVE-2021-46063
18 Feb 2022 — MCMS v5.2.5 was discovered to contain a Server Side Template Injection (SSTI) vulnerability via the Template Management module. Se ha detectado que MCMS versión v5.2.5, contiene una vulnerabilidad de inyección de plantillas del lado del servidor (SSTI) por medio del módulo de administración de plantillas • https://github.com/miguelc49/CVE-2021-46063-2 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-3657 – Gentoo Linux Security Advisory 202208-15
https://notcve.org/view.php?id=CVE-2021-3657
18 Feb 2022 — Debido al manejo inapropiado de literales IMAP extremadamente grandes ()=2GiB), los servidores IMAP maliciosos o comprometidos, e hipotéticamente incluso los remitentes de correo electrónico externos, podrían causar varios desbordamientos de búfer diferentes, que podrían ser explotados para una ejecución de código remota Multiple vulnerabilities have been discovered in isync, the worst of which could result in arbitrary code execution. • https://bugzilla.redhat.com/show_bug.cgi?id=2028932 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 3CVE-2022-25315 – expat: Integer overflow in storeRawNames()
https://notcve.org/view.php?id=CVE-2022-25315
18 Feb 2022 — This flaw can cause a denial of service or potentially arbitrary code execution. • https://github.com/ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25315 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 4CVE-2022-22909 – Hotel Druid 3.0.3 - Remote Code Execution (RCE)
https://notcve.org/view.php?id=CVE-2022-22909
18 Feb 2022 — HotelDruid v3.0.3 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via an attacker inserting a crafted payload into the name field under the Create New Room module. Se ha detectado que HotelDruid versión v3.0.3, contiene una vulnerabilidad de ejecución de código remota (RCE) que es aprovechada por medio de un atacante que inserta una carga útil diseñada en el campo name en el módulo Create New Room Hotel Druid version 3.0.3 suffers from a remote code execution vulnera... • https://packetstorm.news/files/id/166052 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-3578 – Gentoo Linux Security Advisory 202208-15
https://notcve.org/view.php?id=CVE-2021-3578
16 Feb 2022 — Esto podría ser explotado de forma plausible para una ejecución de código remota en el cliente Multiple vulnerabilities have been discovered in isync, the worst of which could result in arbitrary code execution. • http://www.openwall.com/lists/oss-security/2021/06/07/1 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2021-21958
https://notcve.org/view.php?id=CVE-2021-21958
16 Feb 2022 — A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. • https://blog.talosintelligence.com/2022/02/vuln-spotlight-.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23202 – Adobe Creative Cloud Desktop Uncontrolled Search Path Element Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-23202
16 Feb 2022 — Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/creative-cloud/apsb22-11.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 10.0EPSS: 21%CPEs: 14EXPL: 10CVE-2022-24086 – Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2022-24086
16 Feb 2022 — Exploitation of this issue does not require user interaction and could result in arbitrary code execution. ... Una explotación de este problema no requiere la interacción del usuario y podría resultar en una ejecución de código arbitrario Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution. • https://github.com/Mr-xn/CVE-2022-24086 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-23203 – Adobe Photoshop Buffer Overflow could lead to Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-23203
16 Feb 2022 — Adobe Photoshop versions 22.5.4 (and earlier) and 23.1 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/photoshop/apsb22-08.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-23186 – Adobe Illustrator Out-of-bounds Write could lead to Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-23186
16 Feb 2022 — Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/illustrator/apsb22-07.html • CWE-787: Out-of-bounds Write •