CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-33721
https://notcve.org/view.php?id=CVE-2022-33721
A vulnerability using PendingIntent in DeX for PC prior to SMR Aug-2022 Release 1 allows attackers to access files with system privilege. Una vulnerabilidad que usa PendingIntent en DeX para PC versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes acceder a los archivos con privilegio system • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33725
https://notcve.org/view.php?id=CVE-2022-33725
A vulnerability using PendingIntent in Knox VPN prior to SMR Aug-2022 Release 1 allows attackers to access content providers with system privilege. Una vulnerabilidad usando PendingIntent en Knox VPN versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes acceder a los proveedores de contenido con privilegio del sistema • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2636 – Code Injection in hestiacp/hestiacp
https://notcve.org/view.php?id=CVE-2022-2636
Improper Control of Generation of Code ('Code Injection') in GitHub repository hestiacp/hestiacp prior to 1.6.6. • https://github.com/hestiacp/hestiacp/commit/b178b9719bb2c98cf8a6db70065086f596afad81 https://huntr.dev/bounties/357c0390-631c-4684-b6e1-a6d8b2453d66 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-37396
https://notcve.org/view.php?id=CVE-2022-37396
In JetBrains Rider before 2022.2 Trust and Open Project dialog could be bypassed, leading to local code execution En JetBrains Rider versiones anteriores a 2022.2, el diálogo confiable y de apertura de proyectos puede ser evitada, conllevando a una ejecución de código local • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34625
https://notcve.org/view.php?id=CVE-2022-34625
Mealie1.0.0beta3 was discovered to contain a Server-Side Template Injection vulnerability, which allows attackers to execute arbitrary code via a crafted Jinja2 template. Se ha detectado que Mealie versión 1.0.0beta3, contiene una vulnerabilidad de inyección de plantillas del lado del servidor, que permite a atacantes ejecutar código arbitrario por medio de una plantilla Jinja2 diseñada • https://cwe.mitre.org/data/definitions/1336.html https://cwe.mitre.org/data/definitions/94.html https://docs.mealie.io/changelog/v0.5.6 https://gainsec.com/2022/08/02/cve-2022-34625-ssti-rce-mealie https://hub.docker.com/r/hkotel/mealie • CWE-94: Improper Control of Generation of Code ('Code Injection') •