• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-94

CVE-2022-0578

February 23, 2023 by

Code Injection in GitHub repository publify/publify prior to 9.2.8.

CVE-2022-0354

February 23, 2023 by

A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window.

CVE-2022-0282

February 23, 2023 by

Code Injection in Packagist microweber/microweber prior to 1.2.11.

CVE-2022-0130

February 23, 2023 by

Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. An attacker would first have to stage a specific file type in the web server root of the Tenable.sc host prior to remote exploitation.

CVE-2023-24576

February 22, 2023 by godfreyd94

EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the Networker Client execution service (nsrexecd) when oldauth authentication method is used. An unauthenticated remote attacker could send arbitrary commands via RPC service to be executed on the host system with the privileges of the nsrexecd service, which runs with administrative privileges.

CVE-2023-23619

February 22, 2023 by godfreyd94

Modelina is a library for generating data models based on inputs such as AsyncAPI, OpenAPI, or JSON Schema documents. Versions prior to 1.0.0 are vulnerable to Code injection. This issue affects anyone who is using the default presets and/or does not handle the functionality themself. This issue has been partially mitigated in version 1.0.0, with the maintainer’s GitHub Security Advisory (GHSA) noting “It is impossible to fully guard against this, because users have access to the original raw information. However, as of version 1, if you only access the constrained models, you will not encounter this issue. Further similar situations are NOT seen as a security issue, but intended behavior.” The suggested workaround from the maintainers is “Fully custom presets that change the entire rendering process which can then escape the user input.”

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 221
  • Go to page 222
  • Go to page 223
  • Go to page 224
  • Go to page 225
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE