Vulnerabilities > Improper Control of Generation of Code ('Code Injection')

DATE CVE VULNERABILITY TITLE RISK
2020-09-17 CVE-2020-11804 Code Injection vulnerability in Titanhq Spamtitan 7.07
An issue was discovered in Titan SpamTitan 7.07.
network
low complexity
titanhq CWE-94
8.8
2020-09-17 CVE-2020-11803 Code Injection vulnerability in Titanhq Spamtitan 7.07
An issue was discovered in Titan SpamTitan 7.07.
network
low complexity
titanhq CWE-94
8.8
2020-09-09 CVE-2020-6318 Code Injection vulnerability in SAP Abap Platform
A Remote Code Execution vulnerability exists in the SAP NetWeaver (ABAP Server, up to release 7.40) and ABAP Platform (> release 7.40). Because of this, an attacker can exploit these products via Code Injection, potentially taking complete control of the products, including viewing, changing, or deleting data, by injecting code into the working memory which is subsequently executed by the application.
network
low complexity
sap CWE-94
7.2
2020-09-03 CVE-2020-7381 Code Injection vulnerability in Rapid7 Nexpose
In Rapid7 Nexpose installer versions prior to 6.6.40, the Nexpose installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine.
local
low complexity
rapid7 CWE-94
7.8
2020-09-01 CVE-2020-6144 Code Injection vulnerability in Os4Ed Opensis 7.4
A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4.
network
low complexity
os4ed CWE-94
critical
9.8
2020-09-01 CVE-2020-6143 Code Injection vulnerability in Os4Ed Opensis 7.4
A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4.
network
low complexity
os4ed CWE-94
critical
9.8
2020-08-21 CVE-2020-7710 Code Injection vulnerability in Safe-Eval Project Safe-Eval
This affects all versions of package safe-eval.
network
low complexity
safe-eval-project CWE-94
critical
9.8
2020-08-21 CVE-2020-15070 Code Injection vulnerability in Zulip Server
Zulip Server 2.x before 2.1.7 allows eval injection if a privileged attacker were able to write directly to the postgres database, and chose to write a crafted custom profile field value.
network
low complexity
zulip CWE-94
8.8
2020-08-18 CVE-2020-15865 Code Injection vulnerability in Stimulsoft Reports 2013.1.1600.0
A Remote Code Execution vulnerability in Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0 allows an attacker to encode C# scripts as base-64 in the report XML file so that they will be compiled and executed on the server that processes this file.
network
low complexity
stimulsoft CWE-94
critical
9.8
2020-08-14 CVE-2020-15142 Code Injection vulnerability in Openapi-Python-Client Project Openapi-Python-Client
In openapi-python-client before version 0.5.3, clients generated with a maliciously crafted OpenAPI Document can generate arbitrary Python code.
network
low complexity
openapi-python-client-project CWE-94
critical
9.0