CVE-2022-4116 – quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE
https://notcve.org/view.php?id=CVE-2022-4116
A vulnerability was found in Quarkus. This security flaw occurs in the Dev UI Config Editor, which is vulnerable to drive-by localhost attacks leading to remote code execution. • https://access.redhat.com/security/cve/CVE-2022-4116 https://bugzilla.redhat.com/show_bug.cgi?id=2144748 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2022-35407
https://notcve.org/view.php?id=CVE-2022-35407
A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. • https://www.insyde.com/security-pledge https://www.insyde.com/security-pledge/SA-2022040 • CWE-787: Out-of-bounds Write •
CVE-2022-41223 – Mitel MiVoice Connect Code Injection Vulnerability
https://notcve.org/view.php?id=CVE-2022-41223
The Director database component of MiVoice Connect through 19.3 (22.22.6100.0) could allow an authenticated attacker to conduct a code-injection attack via crafted data due to insufficient restrictions on the database data type. • https://www.mitel.com/support/security-advisories https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0008 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2021-3661
https://notcve.org/view.php?id=CVE-2021-3661
A potential security vulnerability has been identified in certain HP Workstation BIOS (UEFI firmware) which may allow arbitrary code execution. • https://support.hp.com/us-en/document/ish_5670997-5671021-16/hpsbhf03770 •
CVE-2022-40129
https://notcve.org/view.php?id=CVE-2022-40129
A specially crafted PDF document can trigger the reuse of previously freed memory by misusing the Optional Content Group API, which can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1614 • CWE-416: Use After Free •