Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-13 | CVE-2023-51066 | Code Injection vulnerability in Qstar Archive Storage Manager 30 An authenticated remote code execution vulnerability in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows attackers to arbitrarily execute commands. | 8.8 |
| 2024-01-08 | CVE-2024-21650 | Code Injection vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 9.8 |
| 2024-01-08 | CVE-2023-7224 | Code Injection vulnerability in Openvpn Connect OpenVPN Connect version 3.0 through 3.4.6 on macOS allows local users to execute code in external third party libraries using the DYLD_INSERT_LIBRARIES environment variable | 7.8 |
| 2024-01-03 | CVE-2023-41783 | Code Injection vulnerability in ZTE Zxcloud Irai Firmware There is a command injection vulnerability of ZTE's ZXCLOUD iRAI. | 7.8 |
| 2024-01-02 | CVE-2024-0195 | Code Injection vulnerability in Ssssssss Spider-Flow 0.4.3 A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. | 9.8 |
| 2023-12-30 | CVE-2023-41544 | Code Injection vulnerability in Jeecg Boot SSTI injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to execute arbitrary code via crafted HTTP request to the /jmreport/loadTableData component. | 9.8 |
| 2023-12-29 | CVE-2023-40606 | Code Injection vulnerability in Kanbanwp Kanban Boards for Wordpress Improper Control of Generation of Code ('Code Injection') vulnerability in Kanban for WordPress Kanban Boards for WordPress.This issue affects Kanban Boards for WordPress: from n/a through 2.5.21. | 7.2 |
| 2023-12-28 | CVE-2023-46987 | Code Injection vulnerability in Seacms 12.9 SeaCMS v12.9 was discovered to contain a remote code execution (RCE) vulnerability via the component /augap/adminip.php. | 8.8 |
| 2023-12-27 | CVE-2023-49000 | Code Injection vulnerability in Artistscope Artisbrowser An issue in ArtistScope ArtisBrowser v.34.1.5 and before allows an attacker to bypass intended access restrictions via interaction with the com.artis.browser.IntentReceiverActivity component. | 9.8 |
| 2023-12-27 | CVE-2023-49001 | Code Injection vulnerability in Indibrowser Indi Browser 12.11.23 An issue in Indi Browser (aka kvbrowser) v.12.11.23 allows an attacker to bypass intended access restrictions via interaction with the com.example.gurry.kvbrowswer.webview component. | 9.8 |