Total
3761 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25812 | 1 Transposh | 1 Transposh Wordpress Translation | 2022-08-25 | N/A | 7.2 HIGH |
| The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCE | |||||
| CVE-2022-36216 | 1 Dedecms | 1 Dedecms | 2022-08-19 | N/A | 7.2 HIGH |
| DedeCMS v5.7.94 - v5.7.97 was discovered to contain a remote code execution vulnerability in member_toadmin.php. | |||||
| CVE-2022-35516 | 1 Dedecms | 1 Dedecms | 2022-08-19 | N/A | 9.8 CRITICAL |
| DedeCMS v5.7.93 - v5.7.96 was discovered to contain a remote code execution vulnerability in login.php. | |||||
| CVE-1999-0509 | 2022-08-17 | 10.0 HIGH | N/A | ||
| Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands. | |||||
| CVE-2022-30083 | 1 Elliegrid | 1 Elliegrid | 2022-08-10 | N/A | 9.8 CRITICAL |
| EllieGrid Android Application version 3.4.1 is vulnerable to Code Injection. The application appears to evaluate user input as code (remote). | |||||
| CVE-2021-3725 | 1 Planetargon | 1 Oh My Zsh | 2022-08-09 | 6.8 MEDIUM | 8.8 HIGH |
| Vulnerability in dirhistory plugin Description: the widgets that go back and forward in the directory history, triggered by pressing Alt-Left and Alt-Right, use functions that unsafely execute eval on directory names. If you cd into a directory with a carefully-crafted name, then press Alt-Left, the system is subject to command injection. Impacted areas: - Functions pop_past and pop_future in dirhistory plugin. | |||||
| CVE-2009-1698 | 1 Apple | 3 Iphone Os, Ipod Touch, Safari | 2022-08-09 | 9.3 HIGH | N/A |
| WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. | |||||
| CVE-2021-43837 | 1 Vault-cli Project | 1 Vault-cli | 2022-08-09 | 9.0 HIGH | 9.1 CRITICAL |
| vault-cli is a configurable command-line interface tool (and python library) to interact with Hashicorp Vault. In versions before 3.0.0 vault-cli features the ability for rendering templated values. When a secret starts with the prefix `!template!`, vault-cli interprets the rest of the contents of the secret as a Jinja2 template. Jinja2 is a powerful templating engine and is not designed to safely render arbitrary templates. An attacker controlling a jinja2 template rendered on a machine can trigger arbitrary code, making this a Remote Code Execution (RCE) risk. If the content of the vault can be completely trusted, then this is not a problem. Otherwise, if your threat model includes cases where an attacker can manipulate a secret value read from the vault using vault-cli, then this vulnerability may impact you. In 3.0.0, the code related to interpreting vault templated secrets has been removed entirely. Users are advised to upgrade as soon as possible. For users unable to upgrade a workaround does exist. Using the environment variable `VAULT_CLI_RENDER=false` or the flag `--no-render` (placed between `vault-cli` and the subcommand, e.g. `vault-cli --no-render get-all`) or adding `render: false` to the vault-cli configuration yaml file disables rendering and removes the vulnerability. Using the python library, you can use: `vault_cli.get_client(render=False)` when creating your client to get a client that will not render templated secrets and thus operates securely. | |||||
| CVE-2022-34625 | 1 Mealie Project | 1 Mealie | 2022-08-08 | N/A | 7.2 HIGH |
| Mealie1.0.0beta3 was discovered to contain a Server-Side Template Injection vulnerability, which allows attackers to execute arbitrary code via a crafted Jinja2 template. | |||||
| CVE-2021-32649 | 1 Octobercms | 1 October | 2022-08-05 | 6.5 MEDIUM | 8.8 HIGH |
| October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with "create, modify and delete website pages" privileges in the backend is able to execute PHP code by running specially crafted Twig code in the template markup. The issue has been patched in Build 473 (v1.0.473) and v1.1.6. Those unable to upgrade may apply the patch to their installation manually as a workaround. | |||||
| CVE-2021-32650 | 1 Octobercms | 1 October | 2022-08-05 | 6.5 MEDIUM | 8.8 HIGH |
| October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with access to the backend is able to execute PHP code by using the theme import feature. This will bypass the safe mode feature that prevents PHP execution in the CMS templates.The issue has been patched in Build 473 (v1.0.473) and v1.1.6. Those unable to upgrade may apply the patch to their installation manually as a workaround. | |||||
| CVE-2022-37009 | 1 Jetbrains | 1 Intellij Idea | 2022-08-03 | N/A | 7.8 HIGH |
| In JetBrains IntelliJ IDEA before 2022.2 local code execution via a Vagrant executable was possible | |||||
| CVE-2021-29475 | 1 Hedgedoc | 1 Hedgedoc | 2022-08-03 | 5.8 MEDIUM | 10.0 CRITICAL |
| HedgeDoc (formerly known as CodiMD) is an open-source collaborative markdown editor. An attacker is able to receive arbitrary files from the file system when exporting a note to PDF. Since the code injection has to take place as note content, there fore this exploit requires the attackers ability to modify a note. This will affect all instances, which have pdf export enabled. This issue has been fixed by https://github.com/hedgedoc/hedgedoc/commit/c1789474020a6d668d616464cb2da5e90e123f65 and is available in version 1.5.0. Starting the CodiMD/HedgeDoc instance with `CMD_ALLOW_PDF_EXPORT=false` or set `"allowPDFExport": false` in config.json can mitigate this issue for those who cannot upgrade. This exploit works because while PhantomJS doesn't actually render the `file:///` references to the PDF file itself, it still uses them internally, and exfiltration is possible, and easy through JavaScript rendering. The impact is pretty bad, as the attacker is able to read the CodiMD/HedgeDoc `config.json` file as well any other files on the filesystem. Even though the suggested Docker deploy option doesn't have many interesting files itself, the `config.json` still often contains sensitive information, database credentials, and maybe OAuth secrets among other things. | |||||
| CVE-2021-27438 | 1 Ge | 2 Reason Dr60, Reason Dr60 Firmware | 2022-07-29 | 6.5 MEDIUM | 8.8 HIGH |
| The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1). | |||||
| CVE-2022-25759 | 1 Convert-svg-core Project | 1 Convert-svg-core | 2022-07-25 | N/A | 9.8 CRITICAL |
| The package convert-svg-core before 0.6.2 are vulnerable to Remote Code Injection via sending an SVG file containing the payload. | |||||
| CVE-2022-32417 | 1 Pbootcms | 1 Pbootcms | 2022-07-18 | 7.5 HIGH | 9.8 CRITICAL |
| PbootCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the function parserIfLabel at function.php. | |||||
| CVE-2015-3173 | 1 Custom Content Type Manager Project | 1 Custom Content Type Manager | 2022-07-14 | 6.5 MEDIUM | 7.2 HIGH |
| custom-content-type-manager Wordpress plugin can be used by an administrator to achieve arbitrary PHP remote code execution. | |||||
| CVE-2021-43097 | 1 Diyhi | 1 Bbs | 2022-07-12 | 6.5 MEDIUM | 7.2 HIGH |
| A Server-side Template Injection (SSTI) vulnerability exists in bbs 5.3 in TemplateManageAction.javawhich could let a malicoius user execute arbitrary code. | |||||
| CVE-2020-20601 | 1 Thinkcmf | 1 Thinkcmf | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| An issue in ThinkCMF X2.2.2 and below allows attackers to execute arbitrary code via a crafted packet. | |||||
| CVE-2021-43269 | 1 Code42 | 1 Code42 | 2022-07-12 | 6.5 MEDIUM | 8.8 HIGH |
| In Code42 app before 8.8.0, eval injection allows an attacker to change a device’s proxy configuration to use a malicious proxy auto-config (PAC) file, leading to arbitrary code execution. This affects Incydr Basic, Advanced, and Gov F1; CrashPlan Cloud; and CrashPlan for Small Business. (Incydr Professional and Enterprise are unaffected.) | |||||