Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-17 | CVE-2020-36245 | Code Injection vulnerability in Gramaddict GramAddict through 1.2.3 allows remote attackers to execute arbitrary code because of use of UIAutomator2 and ATX-Agent. | 5.8 |
2021-02-16 | CVE-2021-27236 | Code Injection vulnerability in Mutare Voice 3.0.0/3.2.6/3.3.7 An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. | 7.5 |
2021-02-15 | CVE-2020-22427 | Code Injection vulnerability in Nagios XI 5.6.11 NagiosXI 5.6.11 is affected by a remote code execution (RCE) vulnerability. | 6.5 |
2021-02-12 | CVE-2021-26753 | Code Injection vulnerability in Nedi 1.9C NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. | 6.5 |
2021-02-11 | CVE-2021-23334 | Code Injection vulnerability in Static-Eval Project Static-Eval All versions of package static-eval are vulnerable to Arbitrary Code Execution using FunctionExpressions and TemplateLiterals. | 7.5 |
2021-02-10 | CVE-2021-25251 | Code Injection vulnerability in Trendmicro products The Trend Micro Security 2020 and 2021 families of consumer products are vulnerable to a code injection vulnerability which could allow an attacker to disable the program's password protection and disable protection. | 6.5 |
2021-02-09 | CVE-2021-21477 | Code Injection vulnerability in SAP Commerce SAP Commerce Cloud, versions - 1808,1811,1905,2005,2011, enables certain users with required privileges to edit drools rules, an authenticated attacker with this privilege will be able to inject malicious code in the drools rules which when executed leads to Remote Code Execution vulnerability enabling the attacker to compromise the underlying host enabling him to impair confidentiality, integrity and availability of the application. | 9.0 |
2021-02-09 | CVE-2021-26551 | Code Injection vulnerability in Smartfoxserver 2.17.0 An issue was discovered in SmartFoxServer 2.17.0. | 6.0 |
2021-02-08 | CVE-2021-22502 | Code Injection vulnerability in Microfocus Operation Bridge Reporter 10.40 Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. | 10.0 |
2021-02-05 | CVE-2021-20623 | Code Injection vulnerability in Panasonic Video Insight VMS 7.3.2.5/7.5 Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request. | 10.0 |