CVE-2022-36270
https://notcve.org/view.php?id=CVE-2022-36270
Clinic's Patient Management System v1.0 allows arbitrary code execution via the URL ip/pms/users.php. • https://github.com/FF9118/bug_report/blob/main/vendors/oretnom23/clinics-patient-management-system/RCE-1.md •
CVE-2022-30580 – Empty Cmd.Path can trigger unintended binary in os/exec on Windows
https://notcve.org/view.php?id=CVE-2022-30580
Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in the working directory named either "..com" or "..exe" by calling Cmd.Run, Cmd.Start, Cmd.Output, or Cmd.CombinedOutput when Cmd.Path is unset. • https://go.dev/cl/403759 https://go.dev/issue/52574 https://go.googlesource.com/go/+/960ffa98ce73ef2c2060c84c7ac28d37a83f345e https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ https://pkg.go.dev/vuln/GO-2022-0532 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2022-32543
https://notcve.org/view.php?id=CVE-2022-32543
A specially-crafted OLE file can lead to a heap buffer overflow which can result in arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1527 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVE-2022-29886
https://notcve.org/view.php?id=CVE-2022-29886
A specially-crafted OLE file can lead to a heap buffer overflow, which can result in arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1533 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVE-2022-33730
https://notcve.org/view.php?id=CVE-2022-33730
Heap-based buffer overflow vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows arbitrary code execution by physical attackers. • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-787: Out-of-bounds Write •