• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-502

CVE-2022-41237

February 23, 2023 by godfreyd94

Jenkins DotCi Plugin 2.40.00 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.

CVE-2022-40889

February 23, 2023 by godfreyd94

Phpok 6.1 has a deserialization vulnerability via framework/phpok_call.php.

CVE-2022-40955

February 23, 2023 by godfreyd94

In versions of Apache InLong prior to 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execution on the Apache InLong server. Users are advised to upgrade to Apache InLong 1.3.0 or newer.

CVE-2022-4043

February 23, 2023 by godfreyd94

The WP Custom Admin Interface WordPress plugin before 7.29 unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.

CVE-2022-40238

February 23, 2023 by godfreyd94

A Remote Code Injection vulnerability exists in CERT software prior to version 1.50.5. An authenticated attacker can inject arbitrary pickle object as part of a user’s profile. This can lead to code execution on the server when the user’s profile is accessed.

CVE-2022-39944

February 23, 2023 by godfreyd94

In Apache Linkis <=1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.2.0 will be affected, We recommend users to update to 1.3.0.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 106
  • Go to page 107
  • Go to page 108
  • Go to page 109
  • Go to page 110
  • Interim pages omitted …
  • Go to page 129
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE