Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-09 | CVE-2021-43466 | Code Injection vulnerability in Thymeleaf 3.0.12 In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution. | 9.8 |
| 2021-11-05 | CVE-2021-41228 | Code Injection vulnerability in Google Tensorflow TensorFlow is an open source platform for machine learning. | 7.8 |
| 2021-11-04 | CVE-2021-42057 | Code Injection vulnerability in Obsidian Dataview Obsidian Dataview through 0.4.12-hotfix1 allows eval injection. | 7.8 |
| 2021-11-04 | CVE-2021-43281 | Code Injection vulnerability in Mybb MyBB before 1.8.29 allows Remote Code Injection by an admin with the "Can manage settings?" permission. | 7.2 |
| 2021-11-02 | CVE-2021-42754 | Code Injection vulnerability in Fortinet Forticlient An improper control of generation of code vulnerability [CWE-94] in FortiClientMacOS versions 7.0.0 and below and 6.4.5 and below may allow an authenticated attacker to hijack the MacOS camera without the user permission via the malicious dylib file. | 5.0 |
| 2021-11-01 | CVE-2021-25877 | Code Injection vulnerability in Youphptube AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. | 7.2 |
| 2021-11-01 | CVE-2021-40348 | Code Injection vulnerability in multiple products Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. | 8.8 |
| 2021-11-01 | CVE-2021-42574 | Code Injection vulnerability in multiple products An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. | 8.3 |
| 2021-10-28 | CVE-2021-36985 | Code Injection vulnerability in Huawei Emui and Magic UI There is a Code injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may exhaust system resources and cause the system to restart. | 7.5 |
| 2021-10-27 | CVE-2021-41619 | Code Injection vulnerability in Gradle Enterprise 2020.4 An issue was discovered in Gradle Enterprise before 2021.1.2. | 7.2 |