Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-14 | CVE-2020-10055 | Code Injection vulnerability in Siemens products A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). | 9.8 |
| 2020-08-10 | CVE-2020-8224 | Code Injection vulnerability in Nextcloud Desktop A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arbitrary code when placing a malicious OpenSSL config into a fixed directory. | 7.8 |
| 2020-07-30 | CVE-2020-8218 | Code Injection vulnerability in multiple products A code injection vulnerability exists in Pulse Connect Secure <9.1R8 that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface. | 7.2 |
| 2020-07-14 | CVE-2020-11546 | Code Injection vulnerability in Superwebmailer SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. | 9.8 |
| 2020-07-10 | CVE-2020-8194 | Code Injection vulnerability in Citrix products Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download. | 6.5 |
| 2020-07-02 | CVE-2020-8163 | Code Injection vulnerability in multiple products The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE. | 8.8 |
| 2020-06-26 | CVE-2020-15348 | Code Injection vulnerability in Zyxel Cloud CNM Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManager/AXCampaignManager/delete_cpes_by_ids?cpe_ids= for eval injection of Python code. | 9.8 |
| 2020-06-19 | CVE-2016-11064 | Code Injection vulnerability in Mattermost Desktop An issue was discovered in Mattermost Desktop App before 3.4.0. | 9.8 |
| 2020-06-11 | CVE-2020-5593 | Code Injection vulnerability in Zenphoto Zenphoto versions prior to 1.5.7 allows an attacker to conduct PHP code injection attacks by leading a user to upload a specially crafted .zip file. | 8.8 |
| 2020-06-10 | CVE-2020-7675 | Code Injection vulnerability in Cd-Messenger Project Cd-Messenger cd-messenger through 2.7.26 is vulnerable to Arbitrary Code Execution. | 9.8 |