Total
5224 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-0811 | 1 Kubernetes | 1 Cri-o | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed. | |||||
| CVE-2022-0661 | 1 Ad Injection Project | 1 Ad Injection | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| The Ad Injection WordPress plugin through 1.2.0.19 does not properly sanitize the body of the adverts injected into the pages, allowing a high privileged user (Admin+) to inject arbitrary HTML or javascript even with unfiltered_html disallowed, leading to a stored cross-site scripting (XSS) vulnerability. Further it is also possible to inject PHP code, leading to a Remote Code execution (RCE) vulnerability, even if the DISALLOW_FILE_EDIT and DISALLOW_FILE_MOD constants are both set. | |||||
| CVE-2022-0323 | 1 Mustache Project | 1 Mustache | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Improper Neutralization of Special Elements Used in a Template Engine in Packagist mustache/mustache prior to 2.14.1. | |||||
| CVE-2021-4434 | 1 Warfareplugins | 1 Social Warfare | 2024-11-21 | N/A | 10.0 CRITICAL |
| The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 3.5.2 via the 'swp_url' parameter. This allows attackers to execute code on the server. | |||||
| CVE-2021-4315 | 1 Psiturk | 1 Psiturk | 2024-11-21 | 5.2 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been found in NYUCCL psiTurk up to 3.2.0 and classified as critical. This vulnerability affects unknown code of the file psiturk/experiment.py. The manipulation of the argument mode leads to improper neutralization of special elements used in a template engine. The exploit has been disclosed to the public and may be used. Upgrading to version 3.2.1 is able to address this issue. The name of the patch is 47787e15cecd66f2aa87687bf852ae0194a4335f. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-219676. | |||||
| CVE-2021-46362 | 1 Magnolia-cms | 1 Magnolia Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A Server-Side Template Injection (SSTI) vulnerability in the Registration and Forgotten Password forms of Magnolia v6.2.3 and below allows attackers to execute arbitrary code via a crafted payload entered into the fullname parameter. | |||||
| CVE-2021-46118 | 1 Jpress | 1 Jpress | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| jpress 4.2.0 is vulnerable to remote code execution via io.jpress.module.article.kit.ArticleNotifyKit#doSendEmail. The admin panel provides a function through which attackers can edit the email templates and inject some malicious code. | |||||
| CVE-2021-46117 | 1 Jpress | 1 Jpress | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| jpress 4.2.0 is vulnerable to remote code execution via io.jpress.module.page.PageNotifyKit#doSendEmail. The admin panel provides a function through which attackers can edit the email templates and inject some malicious code. | |||||
| CVE-2021-46114 | 1 Jpress | 1 Jpress | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| jpress v 4.2.0 is vulnerable to RCE via io.jpress.module.product.ProductNotifyKit#doSendEmail. The admin panel provides a function through which attackers can edit the email templates and inject some malicious code. | |||||
| CVE-2021-46063 | 1 Mingsoft | 1 Mcms | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| MCMS v5.2.5 was discovered to contain a Server Side Template Injection (SSTI) vulnerability via the Template Management module. | |||||
| CVE-2021-45806 | 1 Jpress | 1 Jpress | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| jpress v4.2.0 admin panel provides a function through which attackers can modify the template and inject some malicious code. | |||||
| CVE-2021-45029 | 1 Apache | 1 Shenyu | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Groovy Code Injection & SpEL Injection which lead to Remote Code Execution. This issue affected Apache ShenYu 2.4.0 and 2.4.1. | |||||
| CVE-2021-44978 | 1 Idreamsoft | 1 Icms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| iCMS <= 8.0.0 allows users to add and render a comtom template, which has a SSTI vulnerability which causes remote code execution. | |||||
| CVE-2021-44734 | 1 Lexmark | 467 6500e, 6500e Firmware, B2236 and 464 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device. | |||||
| CVE-2021-44618 | 1 Nystudio107 | 1 Seomatic | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A Server-side Template Injection (SSTI) vulnerability exists in Nystudio107 Seomatic 3.4.12 in src/helpers/UrlHelper.php via the host header. | |||||
| CVE-2021-44238 | 1 Ayacms Project | 1 Ayacms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE) via /aya/module/admin/ust_tab_e.inc.php, | |||||
| CVE-2021-44231 | 1 Sap | 2 Abap Platform, Netweaver Application Server Abap | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Internally used text extraction reports allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application. | |||||
| CVE-2021-43944 | 1 Atlassian | 2 Jira Data Center, Jira Server | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary code via Template Injection leading to Remote Code Execution (RCE) in the Email Templates feature. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3. | |||||
| CVE-2021-43837 | 1 Vault-cli Project | 1 Vault-cli | 2024-11-21 | 9.0 HIGH | 8.4 HIGH |
| vault-cli is a configurable command-line interface tool (and python library) to interact with Hashicorp Vault. In versions before 3.0.0 vault-cli features the ability for rendering templated values. When a secret starts with the prefix `!template!`, vault-cli interprets the rest of the contents of the secret as a Jinja2 template. Jinja2 is a powerful templating engine and is not designed to safely render arbitrary templates. An attacker controlling a jinja2 template rendered on a machine can trigger arbitrary code, making this a Remote Code Execution (RCE) risk. If the content of the vault can be completely trusted, then this is not a problem. Otherwise, if your threat model includes cases where an attacker can manipulate a secret value read from the vault using vault-cli, then this vulnerability may impact you. In 3.0.0, the code related to interpreting vault templated secrets has been removed entirely. Users are advised to upgrade as soon as possible. For users unable to upgrade a workaround does exist. Using the environment variable `VAULT_CLI_RENDER=false` or the flag `--no-render` (placed between `vault-cli` and the subcommand, e.g. `vault-cli --no-render get-all`) or adding `render: false` to the vault-cli configuration yaml file disables rendering and removes the vulnerability. Using the python library, you can use: `vault_cli.get_client(render=False)` when creating your client to get a client that will not render templated secrets and thus operates securely. | |||||
| CVE-2021-43811 | 1 Amazon | 1 Sockeye | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Sockeye is an open-source sequence-to-sequence framework for Neural Machine Translation built on PyTorch. Sockeye uses YAML to store model and data configurations on disk. Versions below 2.3.24 use unsafe YAML loading, which can be made to execute arbitrary code embedded in config files. An attacker can add malicious code to the config file of a trained model and attempt to convince users to download and run it. If users run the model, the embedded code will run locally. The issue is fixed in version 2.3.24. | |||||