Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-24 | CVE-2023-1004 | Code Injection vulnerability in Marktext A vulnerability has been found in MarkText up to 0.17.1 on Windows and classified as critical. | 7.8 |
| 2023-02-20 | CVE-2022-46836 | Code Injection vulnerability in Checkmk 2.0.0/2.1.0 PHP code injection in watolib auth.php and hosttags.php in Tribe29's Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable component. | 8.8 |
| 2023-02-17 | CVE-2023-24078 | Code Injection vulnerability in Realtimelogic Fuguhub 8.1 Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/. | 8.8 |
| 2023-02-15 | CVE-2023-22855 | Code Injection vulnerability in Kardex Control Center 5.7.12+0A203C2A213Master Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. | 9.8 |
| 2023-02-13 | CVE-2023-25717 | Code Injection vulnerability in Ruckuswireless Ruckus Wireless Admin, Smartzone and Smartzone AP Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring. | 9.8 |
| 2023-02-09 | CVE-2023-23912 | Code Injection vulnerability in UI products A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways (USG) Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected device to create a remote code execution vulnerability. | 8.8 |
| 2023-02-03 | CVE-2023-24576 | Code Injection vulnerability in Dell EMC Networker EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the NetWorker Client execution service (nsrexecd) irrespective of any auth used. | 9.8 |
| 2023-02-03 | CVE-2021-36424 | Code Injection vulnerability in PHPwcms An issue discovered in phpwcms 1.9.25 allows remote attackers to run arbitrary code via DB user field during installation. | 9.8 |
| 2023-02-01 | CVE-2022-48093 | Code Injection vulnerability in Seacms 12.7 Seacms v12.7 was discovered to contain a remote code execution (RCE) vulnerability via the ip parameter at admin_ ip.php. | 7.2 |
| 2023-01-30 | CVE-2022-48175 | Code Injection vulnerability in Rukovoditel 3.2.1 Rukovoditel v3.2.1 was discovered to contain a remote code execution (RCE) vulnerability in the component /rukovoditel/index.php?module=dashboard/ajax_request. | 9.8 |