Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-28 | CVE-2021-36985 | Code Injection vulnerability in Huawei Emui and Magic UI There is a Code injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may exhaust system resources and cause the system to restart. | 7.5 |
| 2021-10-27 | CVE-2021-41619 | Code Injection vulnerability in Gradle Enterprise 2020.4 An issue was discovered in Gradle Enterprise before 2021.1.2. | 7.2 |
| 2021-10-22 | CVE-2020-23037 | Code Injection vulnerability in Portable Playable 9.18 Portable Ltd Playable v9.18 contains a code injection vulnerability in the filename parameter, which allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. | 9.8 |
| 2021-10-18 | CVE-2021-22961 | Code Injection vulnerability in Glasswire 2.1.167 A code injection vulnerability exists within the firewall software of GlassWire v2.1.167 that could lead to arbitrary code execution from a file in the user path on first execution. | 9.8 |
| 2021-10-15 | CVE-2021-29679 | Code Injection vulnerability in multiple products IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to execute code remotely due to incorrectly neutralizaing user-contrlled input that could be interpreted a a server-side include (SSI) directive. | 8.8 |
| 2021-10-12 | CVE-2021-40499 | Code Injection vulnerability in SAP Netweaver Application Server Abap 7.70/7.70Byd/7.70Pi Client-side printing services SAP Cloud Print Manager and SAPSprint for SAP NetWeaver Application Server for ABAP - versions 7.70, 7.70 PI, 7.70 BYD, allow an attacker to inject code that can be executed by the application. | 9.8 |
| 2021-10-11 | CVE-2021-40889 | Code Injection vulnerability in Cmsuno Project Cmsuno 1.7.2 CMSUno version 1.7.2 is affected by a PHP code execution vulnerability. | 9.8 |
| 2021-10-11 | CVE-2021-42139 | Code Injection vulnerability in Deno Standard Modules Deno Standard Modules before 0.107.0 allows Code Injection via an untrusted YAML file in certain configurations. | 9.8 |
| 2021-10-06 | CVE-2020-21650 | Code Injection vulnerability in Myucms Project Myucms 2.2 Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the add() method. | 8.8 |
| 2021-10-06 | CVE-2020-21651 | Code Injection vulnerability in Myucms Project Myucms 2.2 Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\point.php, which can be exploited via the add() method. | 9.8 |