An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34483. This vulnerability affects Firefox < 102.
NVD-CWE-noinfo
CVE-2022-34483
An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34482. This vulnerability affects Firefox < 102.
CVE-2022-34500
The bin-collect package in PyPI before v0.1 included a code execution backdoor inserted by a third party.
CVE-2022-34501
The bin-collection package in PyPI before v0.1 included a code execution backdoor inserted by a third party.
CVE-2022-34509
The wikifaces package in PyPI v1.0 included a code execution backdoor inserted by a third party.
CVE-2022-34391
Dell Client BIOS Versions prior to the remediated version contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.