Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-29 | CVE-2023-36542 | Code Injection vulnerability in Apache Nifi Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a location that enables custom code execution. | 8.8 |
| 2023-07-28 | CVE-2023-39010 | Code Injection vulnerability in Boofcv 0.42 BoofCV 0.42 was discovered to contain a code injection vulnerability via the component boofcv.io.calibration.CalibrationIO.load. | 9.8 |
| 2023-07-28 | CVE-2023-39013 | Code Injection vulnerability in Larsga Duke 1.2 Duke v1.2 and below was discovered to contain a code injection vulnerability via the component no.priv.garshol.duke.server.CommonJTimer.init. | 9.8 |
| 2023-07-28 | CVE-2023-39015 | Code Injection vulnerability in Code4Craft Webmagic 0.9.0 webmagic-extension v0.9.0 and below was discovered to contain a code injection vulnerability via the component us.codecraft.webmagic.downloader.PhantomJSDownloader. | 9.8 |
| 2023-07-28 | CVE-2023-39016 | Code Injection vulnerability in Bbossgroups Bboss bboss-persistent v6.0.9 and below was discovered to contain a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool. | 9.8 |
| 2023-07-28 | CVE-2023-39017 | Code Injection vulnerability in Softwareag Quartz quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. | 9.8 |
| 2023-07-28 | CVE-2023-39018 | Code Injection vulnerability in Bramp Ffmpeg-Cli-Wrapper FFmpeg 0.7.0 and below was discovered to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.<constructor>. | 9.8 |
| 2023-07-28 | CVE-2023-39020 | Code Injection vulnerability in Stanford Parser 3.9.2 stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. | 9.8 |
| 2023-07-28 | CVE-2023-39021 | Code Injection vulnerability in WIX Embedded Mysql 4.6.1 wix-embedded-mysql v4.6.1 and below was discovered to contain a code injection vulnerability in the component com.wix.mysql.distribution.Setup.apply. | 9.8 |
| 2023-07-28 | CVE-2023-39022 | Code Injection vulnerability in Oscore oscore v2.2.6 and below was discovered to contain a code injection vulnerability in the component com.opensymphony.util.EJBUtils.createStateless. | 9.8 |