Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-15 | CVE-2023-5512 | Code Injection vulnerability in Gitlab. An issue has been discovered in GitLab CE/EE affecting all versions from 16.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. | 5.7 |
2023-12-15 | CVE-2023-6051 | Code Injection vulnerability in Gitlab. An issue has been discovered in GitLab CE/EE affecting all versions before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. | 6.5 |
2023-12-06 | CVE-2023-6288 | Code Injection vulnerability in Devolutions Remote Desktop Manager. Code injection in Remote Desktop Manager 2023.3.9.3 and earlier on macOS allows an attacker to execute code via the DYLIB_INSERT_LIBRARIES environment variable. | 7.8 |
2023-12-04 | CVE-2023-5762 | Code Injection vulnerability in Filr Project Filr. The Filr WordPress plugin before 1.2.3.6 is affected by an RCE (Remote Code Execution) vulnerability, which allows the operating system to execute commands and fully compromise the server on behalf of a user with Author-level privileges. | 8.8 |
2023-11-28 | CVE-2023-49313 | Code Injection vulnerability in Horsicq Xmachoviewer 0.04. A dylib injection vulnerability in XMachOViewer 0.04 allows attackers to compromise integrity. | 9.8 |
2023-11-28 | CVE-2023-49314 | Code Injection vulnerability in Asana Desktop 2.1.0. Asana Desktop 2.1.0 on macOS allows code injection because of specific Electron Fuses. | 7.8 |
2023-11-22 | CVE-2021-22150 | Code Injection vulnerability in Elastic Kibana. It was discovered that a user with Fleet admin permissions could upload a malicious package. | 7.2 |
2023-11-21 | CVE-2023-48699 | Code Injection vulnerability in Ubertidavide Fastbots 0.1.1/0.1.2/0.1.3. fastbots is a library for fast bot and scraper development using selenium and the Page Object Model (POM) design. | 9.8 |
2023-11-21 | CVE-2023-48226 | Code Injection vulnerability in Openreplay. OpenReplay is a self-hosted session replay suite. | 3.5 |
2023-11-20 | CVE-2023-48192 | Code Injection vulnerability in Totolink A3700R Firmware 9.1.2U.6134B20201202. An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function. | 7.8 |