• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-94

CVE-2022-29814

February 23, 2023 by godfreyd94

In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible

CVE-2022-29815

February 23, 2023 by godfreyd94

In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible

CVE-2022-29819

February 23, 2023 by godfreyd94

In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible

CVE-2022-29821

February 23, 2023 by godfreyd94

In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible

CVE-2022-29307

February 23, 2023 by godfreyd94

IonizeCMS v1.0.8.1 was discovered to contain a command injection vulnerability via the function copy_lang_content in application/models/lang_model.php.

CVE-2022-29216

February 23, 2023 by godfreyd94

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow’s `saved_model_cli` tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reasons as the maintainers had several test cases where numpy expressions were used as arguments. However, given that the tool is always run manually, the impact of this is still not severe. The maintainers have now removed the `safe=False` argument, so all parsing is done without calling `eval`. The patch is available in versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 207
  • Go to page 208
  • Go to page 209
  • Go to page 210
  • Go to page 211
  • Interim pages omitted …
  • Go to page 225
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE