Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-29 | CVE-2021-21415 | Prisma VS Code a VSCode extension for Prisma schema files. | 0.0 |
| 2021-04-22 | CVE-2021-29465 | Code Injection vulnerability in Discord Discord-Recon 0.0.1/0.0.2/0.0.3 Discord-Recon is a bot for the Discord chat service. | 7.5 |
| 2021-04-20 | CVE-2021-29461 | Code Injection vulnerability in Discord-Recon Project Discord-Recon 0.0.2 ### Impact - This issue could be exploited to read internal files from the system and write files into the system resulting in remote code execution ### Patches - This issue has been fixed on 0.0.3 version by adding a regex that validate if there's any arguments on the command. | 9.0 |
| 2021-04-13 | CVE-2021-29440 | Code Injection vulnerability in Getgrav Grav Grav is a file based Web-platform. | 6.5 |
| 2021-04-09 | CVE-2021-21433 | Code Injection vulnerability in Discord-Recon Project Discord-Recon Discord Recon Server is a bot that allows you to do your reconnaissance process from your Discord. | 6.5 |
| 2021-04-08 | CVE-2021-1362 | Code Injection vulnerability in Cisco products A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, and Cisco Prime License Manager could allow an authenticated, remote attacker to execute arbitrary code on an affected device. | 9.0 |
| 2021-03-30 | CVE-2021-26810 | Code Injection vulnerability in Dlink Dir-816 Firmware 1.10B05 D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. | 10.0 |
| 2021-03-29 | CVE-2021-23358 | Code Injection vulnerability in multiple products The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized. | 7.5 |
| 2021-03-26 | CVE-2020-28695 | Code Injection vulnerability in Askey Rtf3505Vw-N1 BR SV G000 R3505Vwn1001 S32 7 Firmware Askey Fiber Router RTF3505VW-N1 BR_SV_g000_R3505VWN1001_s32_7 devices allow Remote Code Execution and retrieval of admin credentials to log into the Dashboard or login via SSH, leading to code execution as root. | 8.3 |
| 2021-03-25 | CVE-2021-27438 | Code Injection vulnerability in GE Reason Dr60 Firmware The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1). | 6.5 |