
CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

In onMulticastListUpdateNotificationReceived of UwbEventManager.java, there is a possible arbitrary code execution due to a missing bounds check. • https://source.android.com/security/bulletin/pixel/2022-12-01 • CWE-20: Improper Input Validation

CVSS: 9.1 • EPSS: 0% • CPEs: 1 • EXPL: 1

A specially-crafted HTTP request can lead to arbitrary JavaScript code injection. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1541 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'); CWE-184: Incomplete List of Disallowed Inputs

CVSS: 9.1 • EPSS: 0% • CPEs: 1 • EXPL: 1

A specially-crafted HTTP request can lead to arbitrary JavaScript code injection. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1532 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'); CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 2

Versions prior to 2.26.0 are vulnerable to Code Injection via pasted input. • https://github.com/codex-team/editor.js/pull/2100 https://securitylab.github.com/advisories/GHSL-2022-028_codex-team_editor_js • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'); CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 8.8 • EPSS: 0% • CPEs: 6 • EXPL: 0

Processing maliciously crafted web content may lead to arbitrary code execution. • http://seclists.org/fulldisclosure/2022/Dec/20 http://seclists.org/fulldisclosure/2022/Dec/23 http://seclists.org/fulldisclosure/2022/Dec/26 http://seclists.org/fulldisclosure/2022/Dec/27 http://seclists.org/fulldisclosure/2022/Dec/28 https://support.apple.com/en-us/HT213530 https://support.apple.com/en-us/HT213532 https://support.apple.com/en-us/HT213535 https://support.apple.com/en-us/HT213536 https://support.apple.com/en-us/HT213537 • CWE-787: Out-of-bounds Write