Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-04 | CVE-2023-37470 | Code Injection vulnerability in Metabase Metabase is an open-source business intelligence and analytics platform. | 9.8 |
| 2023-08-03 | CVE-2023-36255 | Code Injection vulnerability in Eramba 3.19.1 An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL. | 8.8 |
| 2023-08-02 | CVE-2023-3401 | Code Injection vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. | 6.5 |
| 2023-07-31 | CVE-2023-34644 | Code Injection vulnerability in Ruijie products Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches SWITCH_3.0(1)B11P218, RG-EG series business VPN routers EG_3.0(1)B11P216, EAP and RAP series wireless access points AP_3.0(1)B11P218, NBC series wireless controllers AC_3.0(1)B11P86 allows unauthorized remote attackers to gain the highest privileges via crafted POST request to /cgi-bin/luci/api/auth. | 9.8 |
| 2023-07-31 | CVE-2023-34842 | Code Injection vulnerability in Dedecms Remote Code Execution vulnerability in DedeCMS through 5.7.109 allows remote attackers to run arbitrary code via crafted POST request to /dede/tpl.php. | 9.8 |
| 2023-07-28 | CVE-2023-39010 | Code Injection vulnerability in Boofcv 0.42 BoofCV 0.42 was discovered to contain a code injection vulnerability via the component boofcv.io.calibration.CalibrationIO.load. | 9.8 |
| 2023-07-28 | CVE-2023-39013 | Code Injection vulnerability in Larsga Duke 1.2 Duke v1.2 and below was discovered to contain a code injection vulnerability via the component no.priv.garshol.duke.server.CommonJTimer.init. | 9.8 |
| 2023-07-28 | CVE-2023-39015 | Code Injection vulnerability in Code4Craft Webmagic 0.9.0 webmagic-extension v0.9.0 and below was discovered to contain a code injection vulnerability via the component us.codecraft.webmagic.downloader.PhantomJSDownloader. | 9.8 |
| 2023-07-28 | CVE-2023-39016 | Code Injection vulnerability in Bbossgroups Bboss bboss-persistent v6.0.9 and below was discovered to contain a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool. | 9.8 |
| 2023-07-28 | CVE-2023-39017 | Code Injection vulnerability in Softwareag Quartz quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. | 9.8 |