Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-22 | CVE-2020-23037 | Code Injection vulnerability in Portable Playable 9.18 Portable Ltd Playable v9.18 contains a code injection vulnerability in the filename parameter, which allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. | 9.8 |
| 2021-10-18 | CVE-2021-22961 | Code Injection vulnerability in Glasswire 2.1.167 A code injection vulnerability exists within the firewall software of GlassWire v2.1.167 that could lead to arbitrary code execution from a file in the user path on first execution. | 9.8 |
| 2021-10-15 | CVE-2021-29679 | Code Injection vulnerability in multiple products IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to execute code remotely due to incorrectly neutralizaing user-contrlled input that could be interpreted a a server-side include (SSI) directive. | 8.8 |
| 2021-10-12 | CVE-2021-40499 | Code Injection vulnerability in SAP Netweaver Application Server Abap 7.70/7.70Byd/7.70Pi Client-side printing services SAP Cloud Print Manager and SAPSprint for SAP NetWeaver Application Server for ABAP - versions 7.70, 7.70 PI, 7.70 BYD, allow an attacker to inject code that can be executed by the application. | 9.8 |
| 2021-10-11 | CVE-2021-40889 | Code Injection vulnerability in Cmsuno Project Cmsuno 1.7.2 CMSUno version 1.7.2 is affected by a PHP code execution vulnerability. | 9.8 |
| 2021-10-11 | CVE-2021-42139 | Code Injection vulnerability in Deno Standard Modules Deno Standard Modules before 0.107.0 allows Code Injection via an untrusted YAML file in certain configurations. | 9.8 |
| 2021-10-06 | CVE-2020-21650 | Code Injection vulnerability in Myucms Project Myucms 2.2 Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the add() method. | 8.8 |
| 2021-10-06 | CVE-2020-21651 | Code Injection vulnerability in Myucms Project Myucms 2.2 Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\point.php, which can be exploited via the add() method. | 9.8 |
| 2021-10-06 | CVE-2020-21652 | Code Injection vulnerability in Myucms Project Myucms 2.2 Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method. | 9.8 |
| 2021-10-04 | CVE-2021-40323 | Code Injection vulnerability in Cobbler Project Cobbler Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection. | 9.8 |