Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2018-5158 | Code Injection vulnerability in multiple products The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. | 8.8 |
| 2018-06-11 | CVE-2017-7798 | Code Injection vulnerability in multiple products The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. | 8.8 |
| 2018-06-11 | CVE-2018-6512 | Code Injection vulnerability in Puppet Pe-Razor-Server, Puppet Enterprise and Razor-Server The previous version of Puppet Enterprise 2018.1 is vulnerable to unsafe code execution when upgrading pe-razor-server. | 9.8 |
| 2018-06-08 | CVE-2018-11228 | Code Injection vulnerability in Crestron Toolbox Protocol Firmware 1.502.0047.001 Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via a Bash shell service in Crestron Toolbox Protocol (CTP). | 9.8 |
| 2018-06-07 | CVE-2017-16151 | Code Injection vulnerability in Electronjs Electron Based on details posted by the ElectronJS team; A remote code execution vulnerability has been discovered in Google Chromium that affects all recent versions of Electron. | 9.8 |
| 2018-06-07 | CVE-2017-16082 | Code Injection vulnerability in Node-Postgres PG A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. | 9.8 |
| 2018-06-04 | CVE-2017-16020 | Code Injection vulnerability in Summit Project Summit Summit is a node web framework. | 9.8 |
| 2018-06-01 | CVE-2018-7951 | Code Injection vulnerability in Huawei products The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. | 8.8 |
| 2018-06-01 | CVE-2018-7950 | Code Injection vulnerability in Huawei products The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. | 8.8 |
| 2018-05-31 | CVE-2016-10546 | Code Injection vulnerability in Pouchdb An arbitrary code injection vector was found in PouchDB 6.0.4 and lesser via the map/reduce functions used in PouchDB temporary views and design documents. | 9.8 |