Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-13 | CVE-2023-3224 | Code Injection vulnerability in Nuxt 3.4.0/3.4.1/3.4.2 Code Injection in GitHub repository nuxt/nuxt prior to 3.5.3. | 9.8 |
| 2023-06-13 | CVE-2023-30179 | Code Injection vulnerability in Craftcms Craft CMS 3.7.59 CraftCMS version 3.7.59 is vulnerable to Server-Side Template Injection (SSTI). | 7.2 |
| 2023-06-13 | CVE-2023-32546 | Code Injection vulnerability in Chatwork 2.6.43 Code injection vulnerability exists in Chatwork Desktop Application (Mac) 2.6.43 and earlier. | 4.4 |
| 2023-06-13 | CVE-2023-25910 | Code Injection vulnerability in Siemens Simatic PCS 7, Simatic S7-Pm and Simatic Step 7 A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions < V5.7 SP1 HF1), SIMATIC S7-PM (All versions < V5.7 SP2 HF1), SIMATIC STEP 7 V5 (All versions < V5.7). | 8.8 |
| 2023-06-08 | CVE-2023-29402 | Code Injection vulnerability in multiple products The go command may generate unexpected code at build time when using cgo. | 9.8 |
| 2023-06-08 | CVE-2023-29404 | Code Injection vulnerability in multiple products The go command may execute arbitrary code at build time when using cgo. | 9.8 |
| 2023-06-07 | CVE-2020-36708 | Code Injection vulnerability in multiple products The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely <= 1.2.7, NewsMag <= 2.4.1, Activello <= 1.4.0, Illdy <= 2.1.4, Allegiant <= 1.2.2, Newspaper X <= 1.3.1, Pixova Lite <= 2.0.5, Brilliance <= 1.2.7, MedZone Lite <= 1.2.4, Regina Lite <= 2.0.4, Transcend <= 1.1.8, Affluent <= 1.1.0, Bonkers <= 1.0.4, Antreas <= 1.0.2, Sparkling <= 2.4.8, and NatureMag Lite <= 1.0.4. | 9.8 |
| 2023-05-30 | CVE-2023-32692 | Code Injection vulnerability in Codeigniter CodeIgniter is a PHP full-stack web framework. | 9.8 |
| 2023-05-26 | CVE-2023-30145 | Code Injection vulnerability in Tuzitio Camaleon CMS Camaleon CMS v2.7.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the formats parameter. | 9.8 |
| 2023-05-23 | CVE-2023-25953 | Code Injection vulnerability in Worksmobile Drive Explorer 3.5.4 Code injection vulnerability in Drive Explorer for macOS versions 3.5.4 and earlier allows an attacker who can login to the client where the affected product is installed to inject arbitrary code while processing the product execution. | 9.8 |