Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-18 | CVE-2020-25197 | Code Injection vulnerability in GE Rt430 Firmware, Rt431 Firmware and Rt434 Firmware A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacker to execute arbitrary code on the system. | 8.8 |
| 2022-03-17 | CVE-2020-15591 | Code Injection vulnerability in Uni-Stuttgart Frams' Fast File Exchange fexsrv in F*EX (aka Frams' Fast File EXchange) before fex-20160919_2 allows eval injection (for unauthenticated remote code execution). | 9.8 |
| 2022-03-17 | CVE-2022-25760 | Code Injection vulnerability in Accesslog Project Accesslog All versions of package accesslog are vulnerable to Arbitrary Code Injection due to the usage of the Function constructor without input sanitization. | 9.8 |
| 2022-03-16 | CVE-2022-0811 | Code Injection vulnerability in Kubernetes Cri-O A flaw was found in CRI-O in the way it set kernel options for a pod. | 8.8 |
| 2022-03-15 | CVE-2022-25498 | Code Injection vulnerability in Cuppacms 1.0 CuppaCMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the saveConfigData function in /classes/ajax/Functions.php. | 9.8 |
| 2022-03-15 | CVE-2022-0944 | Code Injection vulnerability in Sqlpad Template injection in connection test endpoint leads to RCE in GitHub repository sqlpad/sqlpad prior to 6.10.1. | 7.2 |
| 2022-03-11 | CVE-2021-44618 | Code Injection vulnerability in Nystudio107 Seomatic 3.4.12 A Server-side Template Injection (SSTI) vulnerability exists in Nystudio107 Seomatic 3.4.12 in src/helpers/UrlHelper.php via the host header. | 9.8 |
| 2022-03-09 | CVE-2022-0896 | Code Injection vulnerability in Microweber Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior to 1.3. | 8.8 |
| 2022-03-08 | CVE-2021-43944 | Code Injection vulnerability in Atlassian Jira Server This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. | 7.2 |
| 2022-03-05 | CVE-2022-0845 | Code Injection vulnerability in Lightningai Pytorch Lightning Code Injection in GitHub repository pytorchlightning/pytorch-lightning prior to 1.6.0. | 9.8 |