CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-32224 – activerecord: Possible RCE escalation bug with Serialized Columns in Active Record
https://notcve.org/view.php?id=CVE-2022-32224
A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE. Existe una posible escalada a la vulnerabilidad RCE cuando se utilizan columnas serializadas YAML en Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 y <5.2.8.1, lo que podría permitir a un atacante, que puede manipular datos en la base de datos (a través de medios como la inyección SQL), la capacidad de escalar a un RCE. An insecure deserialization flaw was found in Active Record, which uses YAML.unsafe_load to convert the YAML data into Ruby objects. An attacker supplying crafted data to the database can perform remote code execution (RCE), resulting in complete system compromise. • https://github.com/advisories/GHSA-3hhc-qp5v-9p2j https://groups.google.com/g/rubyonrails-security/c/MmFO3LYQE8U https://access.redhat.com/security/cve/CVE-2022-32224 https://bugzilla.redhat.com/show_bug.cgi?id=2108997 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-502: Deserialization of Untrusted Data •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3853 – Supra CSV <= 4.0.3 - Stored Cross-Site Scripting via CSRF
https://notcve.org/view.php?id=CVE-2022-3853
Cross-site Scripting (XSS) is a client-side code injection attack. • https://wpscan.com/vulnerability/c2bc7d23-5bfd-481c-b42b-da7ee80d9514 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 2CVE-2022-25912 – Remote Code Execution (RCE)
https://notcve.org/view.php?id=CVE-2022-25912
The package simple-git before 3.15.0 are vulnerable to Remote Code Execution (RCE) when enabling the ext transport protocol, which makes it exploitable via clone() method. This vulnerability exists due to an incomplete fix of [CVE-2022-24066](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-2434306). El paquete simple-git anterior a 3.15.0 es vulnerable a la ejecución remota de código (RCE) cuando se habilita el protocolo de transporte ext, lo que lo hace explotable mediante el método clone(). Esta vulnerabilidad existe debido a una solución incompleta de [CVE-2022-24066](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-2434306). The package simple-git is vulnerable to Remote Code Execution in versions before 3.15.0 when the ext transport protocol is enabled. • https://github.com/steveukx/git-js/blob/main/docs/PLUGIN-UNSAFE-ACTIONS.md%23overriding-allowed-protocols https://github.com/steveukx/git-js/commit/774648049eb3e628379e292ea172dccaba610504 https://github.com/steveukx/git-js/releases/tag/simple-git%403.15.0 https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3153532 https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23465 – SwiftTerm vulnerable to arbitrary command execution
https://notcve.org/view.php?id=CVE-2022-23465
SwiftTerm is a Xterm/VT100 Terminal emulator. Prior to commit a94e6b24d24ce9680ad79884992e1dff8e150a31, an attacker could modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. Version a94e6b24d24ce9680ad79884992e1dff8e150a31 contains a patch for this issue. There are no known workarounds available. SwiftTerm es un emulador de terminal Xterm/VT100. • https://github.com/migueldeicaza/SwiftTerm/commit/a94e6b24d24ce9680ad79884992e1dff8e150a31 https://github.com/migueldeicaza/SwiftTerm/security/advisories/GHSA-jq43-q8mx-r7mq • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3696
https://notcve.org/view.php?id=CVE-2022-3696
A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5 GA. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20221201-sfos-19-5-0 • CWE-94: Improper Control of Generation of Code ('Code Injection') •