VulnCheck KEV: CVE-2022-3236

A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution...

Microsoft Azure Site Recovery 代码注入漏洞

Microsoft Azure Site Recovery ASR is a DRaaS provided by Azure for cloud and hybrid cloud architectures. a remote code execution vulnerability exists in Microsoft Azure Site Recovery. An attacker could exploit this vulnerability to execute code on the target host...

Microsoft Azure Real Time Operating System 代码注入漏洞

Microsoft Azure Real Time Operating System Azure RTOS is an embedded development kit from Microsoft Corporation USA that includes a small but powerful operating system that delivers reliable, ultra-fast performance for resource-constrained devices. A code injection vulnerability exists in Microso...

Inductive Automation Ignition 代码注入漏洞

Inductive Automation Ignition is a suite of integrated software platforms for SCADA systems from Inductive Automation, Inc. The platform supports SCADA Data Acquisition and Monitoring Systems, HMI Human Machine Interface and more. Inductive Automation Ignition suffers from a code injection...

Microsoft Windows Fax Service 代码注入漏洞

Microsoft Windows Fax Service is a functional component service from Microsoft Corporation USA. It is used to specify fax settings, including how to send, receive, view and print. A code injection vulnerability exists in Microsoft Windows Fax Service. The following products and versions are...

Mozilla Firefox 代码注入漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A code injection vulnerability exists in Mozilla Firefox. No information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor announcements...

CVE-2017-20099 Analytics Stats Counter Statistics Plugin code injection

A vulnerability was found in Analytics Stats Counter Statistics Plugin 1.2.2.5 and classified as critical. This issue affects some unknown processing. The manipulation leads to code injection. The attack may be initiated remotely...

Microsoft Windows Encrypting File System 代码注入漏洞

Microsoft Windows Encrypting File System is a feature introduced in NTFS 3.0 in Microsoft Windows from Microsoft Corporation USA that provides file system level encryption. A code injection vulnerability exists in Microsoft Windows Encrypting File System EFS. The following products and editions a...

NetScout nGeniusONE 代码注入漏洞

NetScout nGeniusONE is a centralized application management and network performance solution from NetScout, Inc. A code injection vulnerability exists in NetScout nGeniusONE version 6.3.2, which can be exploited by an attacker to execute Java RMI code...

CVE-2022-21831

A code injection vulnerability exists in the Active Storage = v5.2.0 that could allow an attacker to execute code via imageprocessing arguments...

WordPress plugin School Management Pro 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in th...

Publify 安全漏洞

Publify is a simple but full-featured web publishing software.A code injection vulnerability exists in versions of Publify prior to 9.2.8, which stems from the existence of a code injection vulnerability, for which no detailed vulnerability details are currently available...

Jetbrains IntelliJ IDEA 代码注入漏洞

JetBrains IntelliJ IDEA is a suite of integrated development environments for the Java language from Jetbrains Czech Republic.JetBrains IntelliJ IDEA versions prior to 2022.1 contain a code injection vulnerability that could be exploited to execute native code via HTML descriptions in custom JSON...

Microsoft DNS Server 代码注入漏洞

Microsoft DNS Server is a service of Microsoft Corporation USA. A code injection vulnerability exists in Microsoft DNS Server. The following products and editions are affected: Windows Server 2012,Windows Server 2012 Server Core installation,Windows Server 2012 R2,Windows Server 2012 R2 Server Co...

Microsoft DNS Server 代码注入漏洞

Microsoft DNS Server is a service of Microsoft Corporation USA. A code injection vulnerability exists in Microsoft DNS Server. The following products and versions are affected:Windows Server 2019,Windows Server 2019 Server Core installation,Windows Server 2022,Windows Server 2022 Server Core...

Bentley Systems MicroStation 代码注入漏洞

Bentley Systems MicroStation is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, USA. A code injection vulnerability exists in Bentley MicroStation CONNECT version 10.16.02.34, which originates from a failure to properly validate the length of user-supplied data...

Beekeeper Studio 代码注入漏洞

Beekeeper Studio is a cross-platform, open source SQL editor and database manager from Beekeeper Studio, Inc. It is available for Linux, Mac and Windows. A security vulnerability exists in Beekeeper Studio v3.2.0 that allows an attacker to execute arbitrary code via a specially crafted payload...

Microsoft VP9 Video Extensions 代码注入漏洞

Microsoft VP9 Video Extensions is a popular video codec from Microsoft. It is used for streaming over the Internet. A code injection vulnerability exists in Microsoft VP9 Video Extensions. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor...

Microsoft Defender for IoT 代码注入漏洞

Microsoft Defender for IoT is vulnerable to code injection. No details of the vulnerability are currently available...

Microsoft Azure Site Recovery 代码注入漏洞

Microsoft Azure Site Recovery is a site recovery DRaaS from Microsoft Corporation for cloud and hybrid cloud architectures. Microsoft Azure Site Recovery is vulnerable to code injection. No details of the vulnerability are currently available...