Total
50 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-40635 | 1 Craftercms | 1 Crafter Cms | 2024-02-28 | N/A | 7.2 HIGH |
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. | |||||
CVE-2022-36067 | 1 Vm2 Project | 1 Vm2 | 2024-02-28 | N/A | 10.0 CRITICAL |
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. In versions prior to version 3.9.11, a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version 3.9.11 of vm2. There are no known workarounds. | |||||
CVE-2022-39051 | 1 Otrs | 1 Otrs | 2024-02-28 | N/A | 8.8 HIGH |
Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package | |||||
CVE-2022-44000 | 1 Backclick | 1 Backclick | 2024-02-28 | N/A | 9.8 CRITICAL |
An issue was discovered in BACKCLICK Professional 5.9.63. Due to an exposed internal communications interface, it is possible to execute arbitrary system commands on the server. | |||||
CVE-2022-3225 | 1 Budibase | 1 Budibase | 2024-02-28 | N/A | 5.7 MEDIUM |
Improper Control of Dynamically-Managed Code Resources in GitHub repository budibase/budibase prior to 1.3.20. | |||||
CVE-2022-40634 | 1 Craftercms | 1 Crafter Cms | 2024-02-28 | N/A | 7.2 HIGH |
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI. | |||||
CVE-2021-23267 | 1 Craftercms | 1 Crafter Cms | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods. | |||||
CVE-2022-25355 | 1 Ec-cube | 1 Ec-cube | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
EC-CUBE 3.0.0 to 3.0.18-p3 and EC-CUBE 4.0.0 to 4.1.1 improperly handle HTTP Host header values, which may lead a remote unauthenticated attacker to direct the vulnerable version of EC-CUBE to send an Email with some forged reissue-password URL to EC-CUBE users. | |||||
CVE-2022-27889 | 1 Palantir | 1 Foundry Multipass | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
The Multipass service was found to have code paths that could be abused to cause a denial of service for authentication or authorization operations. A malicious attacker could perform an application-level denial of service attack, potentially causing authentication and/or authorization operations to fail for the duration of the attack. This could lead to performance degradation or login failures for customer Palantir Foundry environments. This vulnerability is resolved in Multipass 3.647.0. This issue affects: Palantir Foundry Multipass versions prior to 3.647.0. | |||||
CVE-2022-25265 | 2 Linux, Netapp | 17 Linux Kernel, Baseboard Management Controller Firmware, H300e and 14 more | 2024-02-28 | 4.4 MEDIUM | 7.8 HIGH |
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file. | |||||
CVE-2021-42809 | 2 Microsoft, Thalesgroup | 2 Windows, Sentinel Protection Installer | 2024-02-28 | 6.9 MEDIUM | 7.8 HIGH |
Improper Access Control of Dynamically-Managed Code Resources (DLL) in Thales Sentinel Protection Installer could allow the execution of arbitrary code. | |||||
CVE-2021-23259 | 1 Craftercms | 1 Crafter Cms | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
Authenticated users with Administrator or Developer roles may execute OS commands by Groovy Script which uses Groovy lib to render a webpage. The groovy script does not have security restrictions, which will cause attackers to execute arbitrary commands remotely(RCE). | |||||
CVE-2021-23262 | 1 Craftercms | 1 Crafter Cms | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
Authenticated administrators may modify the main YAML configuration file and load a Java class resulting in RCE. | |||||
CVE-2021-23258 | 1 Craftercms | 1 Crafter Cms | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
Authenticated users with Administrator or Developer roles may execute OS commands by SPEL Expression in Spring beans. SPEL Expression does not have security restrictions, which will cause attackers to execute arbitrary commands remotely (RCE). | |||||
CVE-2021-32563 | 1 Xfce | 1 Thunar | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a regular file as a command-line argument, it delegates to a different program (based on the file type) without user confirmation. This could be used to achieve code execution. | |||||
CVE-2021-21413 | 1 Isolated-vm Project | 1 Isolated-vm | 2024-02-28 | 5.8 MEDIUM | 9.6 CRITICAL |
isolated-vm is a library for nodejs which gives you access to v8's Isolate interface. Versions of isolated-vm before v4.0.0 have API pitfalls which may make it easy for implementers to expose supposed secure isolates to the permissions of the main nodejs isolate. Reference objects allow access to the underlying reference's full prototype chain. In an environment where the implementer has exposed a Reference instance to an attacker they would be able to use it to acquire a Reference to the nodejs context's Function object. Similar application-specific attacks could be possible by modifying the local prototype of other API objects. Access to NativeModule objects could allow an attacker to load and run native code from anywhere on the filesystem. If combined with, for example, a file upload API this would allow for arbitrary code execution. This is addressed in v4.0.0 through a series of related changes. | |||||
CVE-2021-22387 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to remotely execute commands. | |||||
CVE-2021-32813 | 1 Traefik | 1 Traefik | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.4.13, there exists a potential header vulnerability in Traefik's handling of the Connection header. Active exploitation of this issue is unlikely, as it requires that a removed header would lead to a privilege escalation, however, the Traefik team has addressed this issue to prevent any potential abuse. If one has a chain of Traefik middlewares, and one of them sets a request header, then sending a request with a certain Connection header will cause it to be removed before the request is sent. In this case, the backend does not see the request header. A patch is available in version 2.4.13. There are no known workarounds aside from upgrading. | |||||
CVE-2020-25802 | 1 Craftercms | 1 Studio | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy scripting. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7. | |||||
CVE-2020-3419 | 1 Cisco | 1 Webex Meetings Server | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to join a Webex session without appearing on the participant list. This vulnerability is due to improper handling of authentication tokens by a vulnerable Webex site. An attacker could exploit this vulnerability by sending crafted requests to a vulnerable Cisco Webex Meetings or Cisco Webex Meetings Server site. A successful exploit requires the attacker to have access to join a Webex meeting, including applicable meeting join links and passwords. The attacker could then exploit this vulnerability to join meetings, without appearing in the participant list, while having full access to audio, video, chat, and screen sharing capabilities. |