Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-28 | CVE-2021-4315 | Code Injection vulnerability in Psiturk A vulnerability has been found in NYUCCL psiTurk up to 3.2.0 and classified as critical. | 8.8 |
| 2023-01-26 | CVE-2022-25894 | Code Injection vulnerability in Uflo Project Uflo All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution (RCE) in the ExpressionContextImpl class via jexl.createExpression(expression).evaluate(context); functionality, due to improper user input validation. | 9.8 |
| 2023-01-21 | CVE-2020-36655 | Code Injection vulnerability in Yiiframework GII Yii Yii2 Gii before 2.2.2 allows remote attackers to execute arbitrary code via the Generator.php messageCategory field. | 8.8 |
| 2023-01-18 | CVE-2022-34456 | Code Injection vulnerability in Dell EMC Metro Node Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. | 8.8 |
| 2023-01-17 | CVE-2022-46648 | Code Injection vulnerability in multiple products ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. | 8.0 |
| 2023-01-14 | CVE-2023-22853 | Code Injection vulnerability in Tiki Tiki before 24.1, when feature_create_webhelp is enabled, allows lib/structures/structlib.php PHP Object Injection because of an eval. | 8.8 |
| 2023-01-13 | CVE-2022-42268 | Code Injection vulnerability in Nvidia products Omniverse Kit contains a vulnerability in the reference applications Create, Audio2Face, Isaac Sim, View, Code, and Machinima. | 7.8 |
| 2022-12-22 | CVE-2022-46101 | Code Injection vulnerability in Ayacms Project Ayacms 3.1.2 AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code. | 8.8 |
| 2022-12-22 | CVE-2022-47896 | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.3.1 code Templates were vulnerable to SSTI attacks. | 7.8 |
| 2022-12-15 | CVE-2021-39426 | Code Injection vulnerability in Seacms 11.4 An issue was discovered in /Upload/admin/admin_notify.php in Seacms 11.4 allows attackers to execute arbitrary php code via the notify1 parameter when the action parameter equals set. | 9.8 |