• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-77

CVE-2022-25765

February 23, 2023 by godfreyd94

The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized.

CVE-2022-25766

February 23, 2023 by godfreyd94

The package ungit before 1.5.20 are vulnerable to Remote Code Execution (RCE) via argument injection. The issue occurs when calling the /api/fetch endpoint. User controlled values (remote and ref) are passed to the git fetch command. By injecting some git options it was possible to get arbitrary command execution.

CVE-2022-25619

February 23, 2023 by godfreyd94

Improper Neutralization of Special Elements used in a Command (‘Command Injection’) vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86.

CVE-2022-25433

February 23, 2023 by godfreyd94

Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the saveparentcontrolinfo function.

CVE-2022-25434

February 23, 2023 by godfreyd94

Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in the SetFirewallCfg function.

CVE-2022-25435

February 23, 2023 by godfreyd94

Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 148
  • Go to page 149
  • Go to page 150
  • Go to page 151
  • Go to page 152
  • Interim pages omitted …
  • Go to page 172
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE