Vulnerabilities > Improper Control of Generation of Code ('Code Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-12-27 CVE-2023-43481 Code Injection vulnerability in TCL Browser TV web - Browsehere 6.65.022Dab24Cc6231221Gp
An issue in Shenzhen TCL Browser TV Web BrowseHere (aka com.tcl.browser) 6.65.022_dab24cc6_231221_gp allows a remote attacker to execute arbitrary JavaScript code via the com.tcl.browser.portal.browse.activity.BrowsePageActivity component.
network
low complexity
tcl CWE-94
critical
9.8
2023-12-27 CVE-2023-43955 Code Injection vulnerability in Fedirtsapana TV BRO
The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView.
network
low complexity
fedirtsapana CWE-94
critical
9.8
2023-12-27 CVE-2023-47883 Code Injection vulnerability in Vladymix TV Browser
The com.altamirano.fabricio.tvbrowser TV browser application through 4.5.1 for Android is vulnerable to JavaScript code execution via an explicit intent due to an exposed MainActivity.
network
low complexity
vladymix CWE-94
critical
9.8
2023-12-24 CVE-2023-7101 Code Injection vulnerability in multiple products
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files.
local
low complexity
jmcnamara debian fedoraproject CWE-94
7.8
2023-12-19 CVE-2023-49004 Code Injection vulnerability in Dlink Dir-850L Firmware Fw223Wwb01
An issue in D-Link DIR-850L v.B1_FW223WWb01 allows a remote attacker to execute arbitrary code via a crafted script to the en parameter.
network
low complexity
dlink CWE-94
critical
9.8
2023-12-18 CVE-2023-6691 Code Injection vulnerability in Cambiumnetworks Epmp Force 300-25 Firmware 4.7.0.1
Cambium ePMP Force 300-25 version 4.7.0.1 is vulnerable to a code injection vulnerability that could allow an attacker to perform remote code execution and gain root privileges.
local
low complexity
cambiumnetworks CWE-94
7.8
2023-12-18 CVE-2023-32728 Code Injection vulnerability in Zabbix Zabbix-Agent2
The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them to a shell command resulting possible vulnerability for remote code execution.
network
low complexity
zabbix CWE-94
critical
9.8
2023-12-17 CVE-2023-6886 Code Injection vulnerability in Wang.Market Wangmarket 6.1
A vulnerability was found in xnx3 wangmarket 6.1.
network
low complexity
wang-market CWE-94
critical
9.8
2023-12-15 CVE-2023-50721 Code Injection vulnerability in Xwiki
XWiki Platform is a generic wiki platform.
network
low complexity
xwiki CWE-94
8.8
2023-12-15 CVE-2023-50723 Code Injection vulnerability in Xwiki
XWiki Platform is a generic wiki platform.
network
low complexity
xwiki CWE-94
8.8