• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-77

CVE-2022-25962

February 23, 2023 by godfreyd94

All versions of the package vagrant.js are vulnerable to Command Injection via the boxAdd function due to improper input sanitization.

CVE-2022-25809

February 23, 2023 by godfreyd94

Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill (in the case of remote attackers) or by pairing a malicious Bluetooth device (in the case of physically proximate attackers), aka an “Alexa versus Alexa (AvA)” attack.

CVE-2022-25853

February 23, 2023 by godfreyd94

All versions of the package semver-tags are vulnerable to Command Injection via the getGitTagsRemote function due to improper input sanitization.

CVE-2022-25855

February 23, 2023 by godfreyd94

All versions of the package create-choo-app3 are vulnerable to Command Injection via the devInstall function due to improper user-input sanitization.

CVE-2022-25865

February 23, 2023 by godfreyd94

The package workspace-tools before 0.18.4 are vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranch(remote: string, remoteBranch: string, cwd: string) function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.

CVE-2022-25866

February 23, 2023 by godfreyd94

The package czproject/git-php before 4.0.3 are vulnerable to Command Injection via git argument injection. When calling the isRemoteUrlReadable($url, array $refs = NULL) function, both the url and refs parameters are passed to the git ls-remote subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 147
  • Go to page 148
  • Go to page 149
  • Go to page 150
  • Go to page 151
  • Interim pages omitted …
  • Go to page 172
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE