Vulnerabilities > Improper Control of Generation of Code ('Code Injection')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR / COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|
| 2023-09-20 | CVE-2023-0462 | Code Injection vulnerability in multiple products | An arbitrary code execution flaw was found in Foreman. | network, low complexity | theforeman, redhat | CWE-94 | critical 9.1 |
| 2023-09-19 | CVE-2023-41179 | Code Injection vulnerability in Trendmicro products | A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability. | network, low complexity | trendmicro | CWE-94 | 7.2 |
| 2023-09-11 | CVE-2023-42470 | Code Injection vulnerability in Imoulife Life 6.8.0 | The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. | network, low complexity | imoulife | CWE-94 | critical 9.8 |
| 2023-09-11 | CVE-2023-42471 | Code Injection vulnerability in Wave-Ai Wave 1.0.35 | The wave.ai.browser application through 1.0.35 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. | network, low complexity | wave-ai | CWE-94 | critical 9.8 |
| 2023-09-08 | CVE-2023-39320 | Code Injection vulnerability in Golang GO 1.21.0/1.21.00 | The go.mod toolchain directive, introduced in Go 1.21, can be leveraged to execute scripts and binaries relative to the root of the module when the "go" command was executed within the module. | network, low complexity | golang | CWE-94 | critical 9.8 |
| 2023-09-06 | CVE-2023-38484 | Code Injection vulnerability in Arubanetworks Arubaos | Vulnerabilities exist in the BIOS implementation of Aruba 9200 and 9000 Series Controllers and Gateways that could allow an attacker to execute arbitrary code early in the boot sequence. | local, high complexity | arubanetworks | CWE-94 | 6.4 |
| 2023-09-05 | CVE-2023-39681 | Code Injection vulnerability in Cuppacms 1.0 | Cuppa CMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the email_outgoing parameter at /Configuration.php. | network, low complexity | cuppacms | CWE-94 | critical 9.8 |
| 2023-09-05 | CVE-2022-41763 | Code Injection vulnerability in Nokia Access Management System 9.7.05 | An issue was discovered in NOKIA AMS 9.7.05. | network, low complexity | nokia | CWE-94 | 8.8 |
| 2023-09-01 | CVE-2023-39631 | Code Injection vulnerability in Langchain 0.0.245 | An issue in LangChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library. | network, low complexity | langchain | CWE-94 | critical 9.8 |
| 2023-09-01 | CVE-2023-39685 | Code Injection vulnerability in Hjson | An issue in hjson-java up to v3.0.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted JSON string. | network, low complexity | hjson | CWE-94 | 7.5 |