CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0671 – Code Injection in froxlor/froxlor
https://notcve.org/view.php?id=CVE-2023-0671
Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10. • https://github.com/froxlor/froxlor/commit/0034681412057fef2dfe9cce9f8a6e3321f52edc https://huntr.dev/bounties/c2a84917-7ac0-4169-81c1-b61e617023de • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-23477 – IBM WebSphere Application Server code execution
https://notcve.org/view.php?id=CVE-2023-23477
IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects. IBM X-Force ID: 245513. • https://exchange.xforce.ibmcloud.com/vulnerabilities/245513 https://www.ibm.com/support/pages/node/6891111 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-24576
https://notcve.org/view.php?id=CVE-2023-24576
EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the NetWorker Client execution service (nsrexecd) irrespective of any auth used. • https://www.dell.com/support/kbdoc/en-us/000208258/dsa-2023-041-dell-networker-security-update-for-nsrdump-vulnerability • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.0EPSS: 0%CPEs: 50EXPL: 0CVE-2022-43779
https://notcve.org/view.php?id=CVE-2022-43779
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. • https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2021-36424
https://notcve.org/view.php?id=CVE-2021-36424
An issue discovered in phpwcms 1.9.25 allows remote attackers to run arbitrary code via DB user field during installation. • https://github.com/slackero/phpwcms/issues/310 • CWE-94: Improper Control of Generation of Code ('Code Injection') •