Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-12 | CVE-2024-45851 | Code Injection vulnerability in Mindsdb An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. | 8.8 |
2024-09-10 | CVE-2024-43469 | Code Injection vulnerability in Microsoft Azure Cyclecloud Azure CycleCloud Remote Code Execution Vulnerability | 8.8 |
2024-09-10 | CVE-2024-8258 | Code Injection vulnerability in Logitech Logi Options+ Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuses configuration. | 7.8 |
2024-09-10 | CVE-2024-6596 | Code Injection vulnerability in Endress products An unauthenticated remote attacker can run malicious c# code included in curve files and execute commands in the users context. | 9.8 |
2024-09-10 | CVE-2024-8268 | Code Injection vulnerability in Buffercode Frontend Dashboard The Frontend Dashboard plugin for WordPress is vulnerable to unauthorized code execution due to insufficient filtering on callable methods/functions via the ajax_request() function in all versions up to, and including, 2.2.4. | 8.8 |
2024-09-10 | CVE-2024-8478 | Code Injection vulnerability in Ifeelweb Affiliate Super Assistent The The Affiliate Super Assistent plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.5.3. | 7.3 |
2024-09-04 | CVE-2024-45053 | Code Injection vulnerability in Ethyca Fides Fides is an open-source privacy engineering platform. | 7.2 |
2024-09-03 | CVE-2024-45390 | Code Injection vulnerability in Blakeembrey Template @blakeembrey/template is a string template library. | 9.8 |
2024-09-03 | CVE-2024-7345 | Code Injection vulnerability in Progress Openedge Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to OpenEdge LTS 11.7.18 and LTS 12.2.13 on all supported release platforms | 9.6 |
2024-09-03 | CVE-2024-8374 | Code Injection vulnerability in Ultimaker Cura UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 are vulnerable to code injection via the 3MF format reader (/plugins/ThreeMFReader.py). | 7.8 |