Total
3677 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-29819 | 1 Jetbrains | 1 Intellij Idea | 2024-11-21 | 4.4 MEDIUM | 6.9 MEDIUM |
| In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible | |||||
| CVE-2022-29815 | 1 Jetbrains | 1 Intellij Idea | 2024-11-21 | 4.6 MEDIUM | 6.9 MEDIUM |
| In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible | |||||
| CVE-2022-29814 | 1 Jetbrains | 1 Intellij Idea | 2024-11-21 | 4.4 MEDIUM | 6.9 MEDIUM |
| In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible | |||||
| CVE-2022-29813 | 1 Jetbrains | 1 Intellij Idea | 2024-11-21 | 4.6 MEDIUM | 6.9 MEDIUM |
| In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible | |||||
| CVE-2022-29307 | 1 Ionizecms | 1 Ionize | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| IonizeCMS v1.0.8.1 was discovered to contain a command injection vulnerability via the function copy_lang_content in application/models/lang_model.php. | |||||
| CVE-2022-29221 | 3 Debian, Fedoraproject, Smarty | 3 Debian Linux, Fedora, Smarty | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. There are currently no known workarounds. | |||||
| CVE-2022-29216 | 1 Google | 1 Tensorflow | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow's `saved_model_cli` tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reasons as the maintainers had several test cases where numpy expressions were used as arguments. However, given that the tool is always run manually, the impact of this is still not severe. The maintainers have now removed the `safe=False` argument, so all parsing is done without calling `eval`. The patch is available in versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4. | |||||
| CVE-2022-29171 | 1 Sourcegraph | 1 Sourcegraph | 2024-11-21 | 6.0 MEDIUM | 6.6 MEDIUM |
| Sourcegraph is a fast and featureful code search and navigation engine. Versions before 3.38.0 are vulnerable to Remote Code Execution in the gitserver service. The Gitolite code host integration with Phabricator allows Sourcegraph site admins to specify a `callsignCommand`, which is used to obtain the Phabricator metadata for a Gitolite repository. An administrator who is able to edit or add a Gitolite code host and has administrative access to Sourcegraph’s bundled Grafana instance can change this command arbitrarily and run it remotely. This grants direct access to the infrastructure underlying the Sourcegraph installation. The attack requires: site-admin privileges on the instance of Sourcegraph, Administrative privileges on the bundled Grafana monitoring instance, Knowledge of the gitserver IP address or DNS name (if running in Kubernetes). This can be found through Grafana. The issue is patched in version 3.38.0. You may disable Gitolite code hosts. We still highly encourage upgrading regardless of workarounds. | |||||
| CVE-2022-29078 | 1 Ejs | 1 Ejs | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings[view options][outputFunctionName]. This is parsed as an internal option, and overwrites the outputFunctionName option with an arbitrary OS command (which is executed upon template compilation). | |||||
| CVE-2022-26982 | 1 Simplemachines | 1 Simple Machines Forum | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute arbitrary code by inserting a vulnerable php code because the themes can be modified by an administrator. NOTE: the vendor's position is that administrators are intended to have the ability to modify themes, and can thus choose any PHP code that they wish to have executed on the server. | |||||
| CVE-2022-25894 | 1 Uflo Project | 1 Uflo | 2024-11-21 | N/A | 9.8 CRITICAL |
| All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution (RCE) in the ExpressionContextImpl class via jexl.createExpression(expression).evaluate(context); functionality, due to improper user input validation. | |||||
| CVE-2022-25813 | 1 Apache | 1 Ofbiz | 2024-11-21 | N/A | 7.5 HIGH |
| In Apache OFBiz, versions 18.12.05 and earlier, an attacker acting as an anonymous user of the ecommerce plugin, can insert a malicious content in a message “Subject” field from the "Contact us" page. Then a party manager needs to list the communications in the party component to activate the SSTI. A RCE is then possible. | |||||
| CVE-2022-25812 | 1 Transposh | 1 Transposh Wordpress Translation | 2024-11-21 | N/A | 7.2 HIGH |
| The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCE | |||||
| CVE-2022-25760 | 1 Accesslog Project | 1 Accesslog | 2024-11-21 | 10.0 HIGH | 7.1 HIGH |
| All versions of package accesslog are vulnerable to Arbitrary Code Injection due to the usage of the Function constructor without input sanitization. If (attacker-controlled) user input is given to the format option of the package's exported constructor function, it is possible for an attacker to execute arbitrary JavaScript code on the host that this package is being run on. | |||||
| CVE-2022-25759 | 1 Convert-svg-core Project | 1 Convert-svg-core | 2024-11-21 | N/A | 9.9 CRITICAL |
| The package convert-svg-core before 0.6.2 are vulnerable to Remote Code Injection via sending an SVG file containing the payload. | |||||
| CVE-2022-25578 | 1 Taogogo | 1 Taocms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| taocms v3.0.2 allows attackers to execute code injection via arbitrarily editing the .htaccess file. | |||||
| CVE-2022-25498 | 1 Cuppacms | 1 Cuppacms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| CuppaCMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the saveConfigData function in /classes/ajax/Functions.php. | |||||
| CVE-2022-25018 | 1 Pluxml | 1 Pluxml | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages. | |||||
| CVE-2022-24817 | 1 Fluxcd | 3 Flux2, Helm-controller, Kustomize-controller | 2024-11-21 | 6.5 MEDIUM | 9.9 CRITICAL |
| Flux2 is an open and extensible continuous delivery solution for Kubernetes. Flux2 versions between 0.1.0 and 0.29.0, helm-controller 0.1.0 to v0.19.0, and kustomize-controller 0.1.0 to v0.23.0 are vulnerable to Code Injection via malicious Kubeconfig. In multi-tenancy deployments this can also lead to privilege escalation if the controller's service account has elevated permissions. Workarounds include disabling functionality via Validating Admission webhooks by restricting users from setting the `spec.kubeConfig` field in Flux `Kustomization` and `HelmRelease` objects. Additional mitigations include applying restrictive AppArmor and SELinux profiles on the controller’s pod to limit what binaries can be executed. This vulnerability is fixed in kustomize-controller v0.23.0 and helm-controller v0.19.0, both included in flux2 v0.29.0 | |||||
| CVE-2022-24816 | 1 Geosolutionsgroup | 1 Jai-ext | 2024-11-21 | 7.5 HIGH | 10.0 CRITICAL |
| JAI-EXT is an open-source project which aims to extend the Java Advanced Imaging (JAI) API. Programs allowing Jiffle script to be provided via network request can lead to a Remote Code Execution as the Jiffle script is compiled into Java code via Janino, and executed. In particular, this affects the downstream GeoServer project. Version 1.2.22 will contain a patch that disables the ability to inject malicious code into the resulting script. Users unable to upgrade may negate the ability to compile Jiffle scripts from the final application, by removing janino-x.y.z.jar from the classpath. | |||||