CVE-2022-46604 – Responsive FileManager 9.9.5 - Remote Code Execution (RCE)
https://notcve.org/view.php?id=CVE-2022-46604
An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution. • https://www.exploit-db.com/exploits/51251 https://github.com/galoget/ResponsiveFileManager-CVE-2022-46604 http://packetstormsecurity.com/files/171720/Responsive-FileManager-9.9.5-Remote-Shell-Upload.html https://github.com/trippo/ResponsiveFilemanager/blob/v9.9.5/filemanager/execute.php https://github.com/trippo/ResponsiveFilemanager/blob/v9.9.6/changelog.txt https://medium.com/%40_sadshade/file-extention-bypass-in-responsive-filemanager-9-5-5-leading-to-rce-authenticated-3290eddc54e7 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2022-34398
https://notcve.org/view.php?id=CVE-2022-34398
A local authenticated malicious user could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system. • https://www.dell.com/support/kbdoc/000206038 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2022-34403
https://notcve.org/view.php?id=CVE-2022-34403
A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM. • https://www.dell.com/support/kbdoc/000205716 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2022-48093
https://notcve.org/view.php?id=CVE-2022-48093
Seacms v12.7 was discovered to contain a remote code execution (RCE) vulnerability via the ip parameter at admin_ ip.php. • https://www.yuque.com/litanhua-fost9/hu05qa/ng2cb9ln0i0oqpo7?singleDo • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2022-27537
https://notcve.org/view.php?id=CVE-2022-27537
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. • https://support.hp.com/us-en/document/ish_6664419-6664458-16/hpsbhf03806 •