Vulnerabilities > Improper Control of Generation of Code ('Code Injection')

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-17	CVE-2022-46648	Code Injection vulnerability in multiple products ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. network low complexity ruby-git-project debian CWE-94	8.0
2023-01-14	CVE-2023-0297	Code Injection vulnerability in Pyload Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31. network low complexity pyload CWE-94 critical	9.8
2023-01-14	CVE-2023-22853	Code Injection vulnerability in Tiki Tiki before 24.1, when feature_create_webhelp is enabled, allows lib/structures/structlib.php PHP Object Injection because of an eval. network low complexity tiki CWE-94	8.8
2023-01-13	CVE-2022-42268	Code Injection vulnerability in Nvidia products Omniverse Kit contains a vulnerability in the reference applications Create, Audio2Face, Isaac Sim, View, Code, and Machinima. local low complexity nvidia CWE-94	7.8
2023-01-10	CVE-2023-0022	Code Injection vulnerability in SAP Businessobjects Business Intelligence Platform 420/430 SAP BusinessObjects Business Intelligence Analysis edition for OLAP allows an authenticated attacker to inject malicious code that can be executed by the application over the network. network low complexity sap CWE-94	8.8
2023-01-04	CVE-2023-0048	Code Injection vulnerability in Daloradius Code Injection in GitHub repository lirantal/daloradius prior to master-branch. network low complexity daloradius CWE-94	8.8
2023-01-02	CVE-2015-10009	Code Injection vulnerability in Nonfiction Nterchange 4.0.0/4.1.0 A vulnerability was found in nterchange up to 4.1.0. network low complexity nonfiction CWE-94 critical	9.8
2022-12-22	CVE-2022-46101	Code Injection vulnerability in Ayacms Project Ayacms 3.1.2 AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code. network low complexity ayacms-project CWE-94	8.8
2022-12-22	CVE-2022-47896	Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.3.1 code Templates were vulnerable to SSTI attacks. local low complexity jetbrains CWE-94	7.8
2022-12-15	CVE-2021-39426	Code Injection vulnerability in Seacms 11.4 An issue was discovered in /Upload/admin/admin_notify.php in Seacms 11.4 allows attackers to execute arbitrary php code via the notify1 parameter when the action parameter equals set. network low complexity seacms CWE-94 critical	9.8