
CVSS: 7.9 • EPSS: 0% • CPEs: 800 • EXPL: 0

A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM. • https://www.dell.com/support/kbdoc/000202194 • CWE-1038: Insecure Automated Optimizations

CVSS: 7.8 • EPSS: 0% • CPEs: 800 • EXPL: 0

A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM. • https://www.dell.com/support/kbdoc/000202194 • CWE-121: Stack-based Buffer Overflow • CWE-787: Out-of-bounds Write

CVSS: 8.8 • EPSS: 0% • CPEs: 3 • EXPL: 0

An improper neutralization of special elements used in a template engine vulnerability [CWE-1336] in FortiSOAR management interface 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.4 may allow a remote and authenticated attacker to execute arbitrary code via a crafted payload. • https://fortiguard.com/psirt/FG-IR-22-306 • CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 1

In Apache OFBiz, versions 18.12.05 and earlier, an attacker acting as an anonymous user of the ecommerce plugin can insert malicious content in a message "Subject" field from the "Contact us" page. Then a party manager needs to list the communications in the party component to activate the SSTI. RCE is then possible. • https://github.com/mbadanoiu/CVE-2022-25813 • http://www.openwall.com/lists/oss-security/2022/09/02/4 • https://lists.apache.org/thread/vmj5s0qb59t0lvzf3vol3z1sc3sgyb2b • CWE-94: Improper Control of Generation of Code ('Code Injection') • CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine

CVSS: 8.2 • EPSS: 0% • CPEs: 2 • EXPL: 0

A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM. • https://www.dell.com/support/kbdoc/en-us/000202711 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')