Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-08 | CVE-2023-22889 | Code Injection vulnerability in Smartbear Zephyr Enterprise SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. | 9.8 |
| 2023-03-08 | CVE-2023-0089 | Code Injection vulnerability in Proofpoint Enterprise Protection The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through 'eval injection'. This affects all versions 8.20.0 and below. | 8.8 |
| 2023-03-08 | CVE-2023-0090 | Code Injection vulnerability in Proofpoint Enterprise Protection The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. | 9.8 |
| 2023-03-07 | CVE-2023-1003 | Code Injection vulnerability in Typora A vulnerability, which was classified as critical, was found in Typora up to 1.5.5 on Windows. | 7.8 |
| 2023-03-06 | CVE-2023-26107 | Code Injection vulnerability in Ebay Sketchsvg All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string. | 7.8 |
| 2023-03-02 | CVE-2023-22381 | Code Injection vulnerability in Github Enterprise Server A code injection vulnerability was identified in GitHub Enterprise Server that allowed setting arbitrary environment variables from a single environment variable value in GitHub Actions when using a Windows based runner. | 8.8 |
| 2023-03-02 | CVE-2023-26477 | Code Injection vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 9.8 |
| 2023-02-24 | CVE-2023-1005 | Code Injection vulnerability in Markdown-Electron Project Markdown-Electron A vulnerability was found in JP1016 Markdown-Electron and classified as critical. | 7.8 |
| 2023-02-24 | CVE-2023-1004 | Code Injection vulnerability in Marktext A vulnerability has been found in MarkText up to 0.17.1 on Windows and classified as critical. | 7.8 |
| 2023-02-20 | CVE-2022-46836 | Code Injection vulnerability in Checkmk 2.0.0/2.1.0 PHP code injection in watolib auth.php and hosttags.php in Tribe29's Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable component. | 8.8 |