• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-77

CVE-2022-25890

February 23, 2023 by godfreyd94

All versions of the package wifey are vulnerable to Command Injection via the connect() function due to improper input sanitization.

CVE-2022-25908

February 23, 2023 by godfreyd94

All versions of the package create-choo-electron are vulnerable to Command Injection via the devInstall function due to improper user-input sanitization.

CVE-2022-25912

February 23, 2023 by godfreyd94

The package simple-git before 3.15.0 are vulnerable to Remote Code Execution (RCE) when enabling the ext transport protocol, which makes it exploitable via clone() method. This vulnerability exists due to an incomplete fix of [CVE-2022-24066](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-2434306).

CVE-2022-25916

February 23, 2023 by godfreyd94

Versions of the package mt7688-wiscan before 0.8.3 are vulnerable to Command Injection due to improper input sanitization in the ‘wiscan.scan’ function.

CVE-2022-25923

February 23, 2023 by godfreyd94

Versions of the package exec-local-bin before 1.2.0 are vulnerable to Command Injection via the theProcess() functionality due to improper user-input sanitization.

CVE-2022-25926

February 23, 2023 by godfreyd94

Versions of the package window-control before 1.4.5 are vulnerable to Command Injection via the sendKeys function, due to improper input sanitization.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 146
  • Go to page 147
  • Go to page 148
  • Go to page 149
  • Go to page 150
  • Interim pages omitted …
  • Go to page 172
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE