Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-22 | CVE-2020-20601 | Code Injection vulnerability in Thinkcmf An issue in ThinkCMF X2.2.2 and below allows attackers to execute arbitrary code via a crafted packet. | 9.8 |
| 2021-12-16 | CVE-2021-43837 | Code Injection vulnerability in Vault-Cli Project Vault-Cli vault-cli is a configurable command-line interface tool (and python library) to interact with Hashicorp Vault. | 9.1 |
| 2021-12-14 | CVE-2021-44231 | Code Injection vulnerability in SAP Abap Platform and Netweaver Application Server Abap Internally used text extraction reports allow an attacker to inject code that can be executed by the application. | 9.8 |
| 2021-12-08 | CVE-2021-44529 | Code Injection vulnerability in Ivanti Endpoint Manager Cloud Services Appliance 4.5/4.6 A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody). | 9.8 |
| 2021-12-08 | CVE-2021-37097 | Code Injection vulnerability in Huawei Emui, Harmonyos and Magic UI There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart. | 7.5 |
| 2021-12-07 | CVE-2021-37079 | Code Injection vulnerability in Huawei Harmonyos There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete arbitrary file by system_app permission. | 9.1 |
| 2021-11-30 | CVE-2021-38967 | Code Injection vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local privileged user to inject and execute malicious code. | 6.7 |
| 2021-11-30 | CVE-2021-3725 | Code Injection vulnerability in Planetargon OH MY ZSH Vulnerability in dirhistory plugin Description: the widgets that go back and forward in the directory history, triggered by pressing Alt-Left and Alt-Right, use functions that unsafely execute eval on directory names. | 8.8 |
| 2021-11-22 | CVE-2021-33493 | Code Injection vulnerability in Open-Xchange OX APP Suite 7.10.5 The middleware component in OX App Suite through 7.10.5 allows Code Injection via Java classes in a YAML format. | 6.0 |
| 2021-11-19 | CVE-2021-22053 | Code Injection vulnerability in VMWare Spring Cloud Netflix Applications using both `spring-cloud-netflix-hystrix-dashboard` and `spring-boot-starter-thymeleaf` expose a way to execute code submitted within the request URI path during the resolution of view templates. | 8.8 |