Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-08 | CVE-2018-11228 | Code Injection vulnerability in Crestron Toolbox Protocol Firmware 1.502.0047.001 Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via a Bash shell service in Crestron Toolbox Protocol (CTP). | 9.8 |
| 2018-06-07 | CVE-2017-16151 | Code Injection vulnerability in Electronjs Electron Based on details posted by the ElectronJS team; A remote code execution vulnerability has been discovered in Google Chromium that affects all recent versions of Electron. | 9.8 |
| 2018-06-07 | CVE-2017-16082 | Code Injection vulnerability in Node-Postgres PG A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. | 9.8 |
| 2018-06-04 | CVE-2017-16020 | Code Injection vulnerability in Summit Project Summit Summit is a node web framework. | 9.8 |
| 2018-06-01 | CVE-2018-7951 | Code Injection vulnerability in Huawei products The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. | 8.8 |
| 2018-06-01 | CVE-2018-7950 | Code Injection vulnerability in Huawei products The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. | 8.8 |
| 2018-05-31 | CVE-2016-10546 | Code Injection vulnerability in Pouchdb An arbitrary code injection vector was found in PouchDB 6.0.4 and lesser via the map/reduce functions used in PouchDB temporary views and design documents. | 9.8 |
| 2018-05-31 | CVE-2016-10541 | Code Injection vulnerability in Shell-Quote Project Shell-Quote The npm module "shell-quote" 1.6.0 and earlier cannot correctly escape ">" and "<" operator used for redirection in shell. | 9.8 |
| 2018-05-25 | CVE-2018-1133 | Code Injection vulnerability in Moodle An issue was discovered in Moodle 3.x. | 8.8 |
| 2018-05-11 | CVE-2018-1260 | Code Injection vulnerability in Pivotal Software Spring Security Oauth Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to 2.2.2, 2.1 prior to 2.1.2, 2.0 prior to 2.0.15 and older unsupported versions contains a remote code execution vulnerability. | 9.8 |