• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-94

CVE-2022-26255

February 23, 2023 by godfreyd94

Clash for Windows v0.19.8 was discovered to allow arbitrary code execution via a crafted payload injected into the Proxies name column.

CVE-2022-26272

February 23, 2023 by godfreyd94

A remote code execution (RCE) vulnerability in Ionize v1.0.8.1 allows attackers to execute arbitrary code via a crafted string written to the file application/config/config.php.

CVE-2022-26174

February 23, 2023 by godfreyd94

A remote code execution (RCE) vulnerability in Beekeeper Studio v3.2.0 allows attackers to execute arbitrary code via a crafted payload injected into the display fields.

CVE-2022-25921

February 23, 2023 by godfreyd94

All versions of package morgan-json are vulnerable to Arbitrary Code Execution due to missing sanitization of input passed to the Function constructor.

CVE-2022-25812

February 23, 2023 by godfreyd94

The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCE

CVE-2022-25813

February 23, 2023 by godfreyd94

In Apache OFBiz, versions 18.12.05 and earlier, an attacker acting as an anonymous user of the ecommerce plugin, can insert a malicious content in a message “Subject” field from the “Contact us” page. Then a party manager needs to list the communications in the party component to activate the SSTI. A RCE is then possible.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 209
  • Go to page 210
  • Go to page 211
  • Go to page 212
  • Go to page 213
  • Interim pages omitted …
  • Go to page 225
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE