Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-20 | CVE-2023-1250 | Code Injection vulnerability in Otrs Improper Input Validation vulnerability in OTRS AG OTRS (ACL modules), OTRS AG ((OTRS)) Community Edition (ACL modules) allows Local Execution of Code. | 7.8 |
| 2023-03-13 | CVE-2023-0888 | Code Injection vulnerability in Bbraun Battery-Pack SP With Wifi Firmware 053L000092/054U000092 An improper neutralization of directives in dynamically evaluated code vulnerability in the WiFi Battery embedded web server in versions L90/U70 and L92/U92 can be used to gain administrative access to the WiFi communication module. | 7.2 |
| 2023-03-13 | CVE-2023-1367 | Code Injection vulnerability in Easyappointments Code Injection in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | 3.8 |
| 2023-03-09 | CVE-2023-1287 | Code Injection vulnerability in 3DS Enovia Live Collaboration An XSL template vulnerability in ENOVIA Live Collaboration V6R2013xE allows Remote Code Execution. | 9.8 |
| 2023-03-09 | CVE-2023-27986 | Code Injection vulnerability in GNU Emacs 28.1/28.2 emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. | 7.8 |
| 2023-03-08 | CVE-2023-22889 | Code Injection vulnerability in Smartbear Zephyr Enterprise SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. | 9.8 |
| 2023-03-08 | CVE-2023-0089 | Code Injection vulnerability in Proofpoint Enterprise Protection The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through 'eval injection'. This affects all versions 8.20.0 and below. | 8.8 |
| 2023-03-08 | CVE-2023-0090 | Code Injection vulnerability in Proofpoint Enterprise Protection The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. | 9.8 |
| 2023-03-07 | CVE-2023-1003 | Code Injection vulnerability in Typora A vulnerability, which was classified as critical, was found in Typora up to 1.5.5 on Windows. | 7.8 |
| 2023-03-06 | CVE-2023-26107 | Code Injection vulnerability in Ebay Sketchsvg All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string. | 7.8 |