Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-05 | CVE-2022-41763 | Code Injection vulnerability in Nokia Access Management System 9.7.05 An issue was discovered in NOKIA AMS 9.7.05. | 8.8 |
| 2023-09-01 | CVE-2023-39631 | Code Injection vulnerability in Langchain 0.0.245 An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library. | 9.8 |
| 2023-09-01 | CVE-2023-39685 | Code Injection vulnerability in Hjson An issue in hjson-java up to v3.0.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted JSON string. | 7.5 |
| 2023-08-29 | CVE-2023-41362 | Code Injection vulnerability in Mybb MyBB before 1.8.36 allows Code Injection by users with certain high privileges. | 7.2 |
| 2023-08-23 | CVE-2023-40177 | Code Injection vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.8 |
| 2023-08-22 | CVE-2023-36281 | Code Injection vulnerability in Langchain 0.0.171 An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via a JSON file to load_prompt. | 9.8 |
| 2023-08-17 | CVE-2023-37914 | Code Injection vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.8 |
| 2023-08-17 | CVE-2023-40252 | Code Injection vulnerability in Genians Genian NAC and Genian Ztna Improper Control of Generation of Code ('Code Injection') vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Replace Trusted Executable.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. | 9.8 |
| 2023-08-15 | CVE-2023-38860 | Code Injection vulnerability in Langchain 0.0.231 An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter. | 9.8 |
| 2023-08-15 | CVE-2023-38889 | Code Injection vulnerability in Alluxio An issue in Alluxio v.2.9.3 and before allows an attacker to execute arbitrary code via a crafted script to the username parameter of lluxio.util.CommonUtils.getUnixGroups(java.lang.String). | 9.8 |