Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-28 | CVE-2023-39015 | Code Injection vulnerability in Code4Craft Webmagic 0.9.0 webmagic-extension v0.9.0 and below was discovered to contain a code injection vulnerability via the component us.codecraft.webmagic.downloader.PhantomJSDownloader. | 9.8 |
| 2023-07-28 | CVE-2023-39016 | Code Injection vulnerability in Bbossgroups Bboss bboss-persistent v6.0.9 and below was discovered to contain a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool. | 9.8 |
| 2023-07-28 | CVE-2023-39017 | Code Injection vulnerability in Softwareag Quartz quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. | 9.8 |
| 2023-07-28 | CVE-2023-39018 | Code Injection vulnerability in Bramp Ffmpeg-Cli-Wrapper FFmpeg 0.7.0 and below was discovered to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.<constructor>. | 9.8 |
| 2023-07-28 | CVE-2023-39020 | Code Injection vulnerability in Stanford Parser 3.9.2 stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. | 9.8 |
| 2023-07-28 | CVE-2023-39021 | Code Injection vulnerability in WIX Embedded Mysql 4.6.1 wix-embedded-mysql v4.6.1 and below was discovered to contain a code injection vulnerability in the component com.wix.mysql.distribution.Setup.apply. | 9.8 |
| 2023-07-28 | CVE-2023-39022 | Code Injection vulnerability in Oscore oscore v2.2.6 and below was discovered to contain a code injection vulnerability in the component com.opensymphony.util.EJBUtils.createStateless. | 9.8 |
| 2023-07-28 | CVE-2023-39023 | Code Injection vulnerability in University Compass Project University Compass university compass v2.2.0 and below was discovered to contain a code injection vulnerability in the component org.compass.core.executor.DefaultExecutorManager.configure. | 9.8 |
| 2023-07-19 | CVE-2023-3519 | Code Injection vulnerability in Citrix products Unauthenticated remote code execution | 9.8 |
| 2023-07-19 | CVE-2023-22506 | Code Injection vulnerability in Atlassian Bamboo Data Center and Bamboo Server This High severity Injection and RCE (Remote Code Execution) vulnerability known as CVE-2023-22506 was introduced in version 8.0.0 of Bamboo Data Center. This Injection and RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.5, allows an authenticated attacker to modify the actions taken by a system call and execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and no user interaction. Atlassian recommends that you upgrade your instance to latest version. | 8.8 |