ReportizFlow
Filtered by vendor
Subscriptions
Total
4107 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-29819 | 1 Jetbrains | 1 Intellij Idea | 2024-11-21 | 6.9 Medium |
| In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible | ||||
| CVE-2022-29815 | 1 Jetbrains | 1 Intellij Idea | 2024-11-21 | 6.9 Medium |
| In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible | ||||
| CVE-2022-29814 | 1 Jetbrains | 1 Intellij Idea | 2024-11-21 | 6.9 Medium |
| In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible | ||||
| CVE-2022-29813 | 1 Jetbrains | 1 Intellij Idea | 2024-11-21 | 6.9 Medium |
| In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible | ||||
| CVE-2022-29307 | 1 Ionizecms | 1 Ionize | 2024-11-21 | 9.8 Critical |
| IonizeCMS v1.0.8.1 was discovered to contain a command injection vulnerability via the function copy_lang_content in application/models/lang_model.php. | ||||
| CVE-2022-29221 | 3 Debian, Fedoraproject, Smarty | 3 Debian Linux, Fedora, Smarty | 2024-11-21 | 8.8 High |
| Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. There are currently no known workarounds. | ||||
| CVE-2022-29216 | 1 Google | 1 Tensorflow | 2024-11-21 | 7.8 High |
| TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow's `saved_model_cli` tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reasons as the maintainers had several test cases where numpy expressions were used as arguments. However, given that the tool is always run manually, the impact of this is still not severe. The maintainers have now removed the `safe=False` argument, so all parsing is done without calling `eval`. The patch is available in versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4. | ||||
| CVE-2022-29171 | 1 Sourcegraph | 1 Sourcegraph | 2024-11-21 | 6.6 Medium |
| Sourcegraph is a fast and featureful code search and navigation engine. Versions before 3.38.0 are vulnerable to Remote Code Execution in the gitserver service. The Gitolite code host integration with Phabricator allows Sourcegraph site admins to specify a `callsignCommand`, which is used to obtain the Phabricator metadata for a Gitolite repository. An administrator who is able to edit or add a Gitolite code host and has administrative access to Sourcegraph’s bundled Grafana instance can change this command arbitrarily and run it remotely. This grants direct access to the infrastructure underlying the Sourcegraph installation. The attack requires: site-admin privileges on the instance of Sourcegraph, Administrative privileges on the bundled Grafana monitoring instance, Knowledge of the gitserver IP address or DNS name (if running in Kubernetes). This can be found through Grafana. The issue is patched in version 3.38.0. You may disable Gitolite code hosts. We still highly encourage upgrading regardless of workarounds. | ||||
| CVE-2022-29078 | 1 Ejs | 1 Ejs | 2024-11-21 | 9.8 Critical |
| The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings[view options][outputFunctionName]. This is parsed as an internal option, and overwrites the outputFunctionName option with an arbitrary OS command (which is executed upon template compilation). | ||||
| CVE-2022-28766 | 1 Zoom | 2 Meetings, Rooms | 2024-11-21 | 3.3 Low |
| Windows 32-bit versions of the Zoom Client for Meetings before 5.12.6 and Zoom Rooms for Conference Room before version 5.12.6 are susceptible to a DLL injection vulnerability. A local low-privileged user could exploit this vulnerability to run arbitrary code in the context of the Zoom client. | ||||
| CVE-2022-27837 | 2 Google, Samsung | 2 Android, Accessibility | 2024-11-21 | 4.4 Medium |
| A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege. | ||||
| CVE-2022-26982 | 1 Simplemachines | 1 Simple Machines Forum | 2024-11-21 | 7.2 High |
| SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute arbitrary code by inserting a vulnerable php code because the themes can be modified by an administrator. NOTE: the vendor's position is that administrators are intended to have the ability to modify themes, and can thus choose any PHP code that they wish to have executed on the server. | ||||
| CVE-2022-25967 | 1 Eta.js | 1 Eta | 2024-11-21 | 8.1 High |
| Versions of the package eta before 2.0.0 are vulnerable to Remote Code Execution (RCE) by overwriting template engine configuration variables with view options received from The Express render API. **Note:** This is exploitable only for users who are rendering templates with user-defined data. | ||||
| CVE-2022-25894 | 1 Uflo Project | 1 Uflo | 2024-11-21 | 9.8 Critical |
| All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution (RCE) in the ExpressionContextImpl class via jexl.createExpression(expression).evaluate(context); functionality, due to improper user input validation. | ||||
| CVE-2022-25860 | 1 Simple-git Project | 1 Simple-git | 2024-11-21 | 8.1 High |
| Versions of the package simple-git before 3.16.0 are vulnerable to Remote Code Execution (RCE) via the clone(), pull(), push() and listRemote() methods, due to improper input sanitization. This vulnerability exists due to an incomplete fix of [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221). | ||||
| CVE-2022-25813 | 1 Apache | 1 Ofbiz | 2024-11-21 | 7.5 High |
| In Apache OFBiz, versions 18.12.05 and earlier, an attacker acting as an anonymous user of the ecommerce plugin, can insert a malicious content in a message “Subject” field from the "Contact us" page. Then a party manager needs to list the communications in the party component to activate the SSTI. A RCE is then possible. | ||||
| CVE-2022-25812 | 1 Transposh | 1 Transposh Wordpress Translation | 2024-11-21 | 7.2 High |
| The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCE | ||||
| CVE-2022-25760 | 1 Accesslog Project | 1 Accesslog | 2024-11-21 | 7.1 High |
| All versions of package accesslog are vulnerable to Arbitrary Code Injection due to the usage of the Function constructor without input sanitization. If (attacker-controlled) user input is given to the format option of the package's exported constructor function, it is possible for an attacker to execute arbitrary JavaScript code on the host that this package is being run on. | ||||
| CVE-2022-25759 | 1 Convert-svg-core Project | 1 Convert-svg-core | 2024-11-21 | 9.9 Critical |
| The package convert-svg-core before 0.6.2 are vulnerable to Remote Code Injection via sending an SVG file containing the payload. | ||||
| CVE-2022-25578 | 1 Taogogo | 1 Taocms | 2024-11-21 | 9.8 Critical |
| taocms v3.0.2 allows attackers to execute code injection via arbitrarily editing the .htaccess file. | ||||