Vulnerabilities > Argument Injection or Modification
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-22 | CVE-2022-47926 | Argument Injection or Modification vulnerability in Ayacms Project Ayacms 3.1.2 AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php | 9.8 |
| 2022-11-23 | CVE-2022-23740 | Argument Injection or Modification vulnerability in Github Enterprise Server 3.7.0 CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. | 8.8 |
| 2022-11-09 | CVE-2022-45062 | Argument Injection or Modification vulnerability in multiple products In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper. | 9.8 |
| 2022-10-24 | CVE-2021-46850 | Argument Injection or Modification vulnerability in Vestacp Control Panel and Vesta Control Panel myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable to command injection. | 7.2 |
| 2022-10-16 | CVE-2022-42968 | Argument Injection or Modification vulnerability in Gitea Gitea before 1.17.3 does not sanitize and escape refs in the git backend. | 9.8 |
| 2022-10-11 | CVE-2022-3140 | Argument Injection or Modification vulnerability in multiple products LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. | 6.3 |
| 2022-09-21 | CVE-2022-37027 | Argument Injection or Modification vulnerability in Ahsay Cloud Backup Suite 9.1.4.0 Ahsay AhsayCBS 9.1.4.0 allows an authenticated system user to inject arbitrary Java JVM options. | 7.2 |
| 2022-09-07 | CVE-2022-36069 | Argument Injection or Modification vulnerability in Python-Poetry Poetry Poetry is a dependency manager for Python. | 7.3 |
| 2022-08-25 | CVE-2022-36804 | Argument Injection or Modification vulnerability in Atlassian Bitbucket Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. | 8.8 |
| 2022-08-17 | CVE-2022-1399 | Argument Injection or Modification vulnerability in Device42 Cmdb An Argument Injection or Modification vulnerability in the "Change Secret" username field as used in the Discovery component of Device42 CMDB allows a local attacker to run arbitrary code on the appliance with root privileges. | 9.1 |