Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-11 | CVE-2021-42139 | Code Injection vulnerability in Deno Standard Modules Deno Standard Modules before 0.107.0 allows Code Injection via an untrusted YAML file in certain configurations. | 9.8 |
| 2021-10-06 | CVE-2020-21650 | Code Injection vulnerability in Myucms Project Myucms 2.2 Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the add() method. | 8.8 |
| 2021-10-06 | CVE-2020-21651 | Code Injection vulnerability in Myucms Project Myucms 2.2 Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\point.php, which can be exploited via the add() method. | 9.8 |
| 2021-10-06 | CVE-2020-21652 | Code Injection vulnerability in Myucms Project Myucms 2.2 Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method. | 9.8 |
| 2021-10-04 | CVE-2021-40323 | Code Injection vulnerability in Cobbler Project Cobbler Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection. | 9.8 |
| 2021-09-28 | CVE-2020-20124 | Code Injection vulnerability in Wuzhicms 4.1.0 Wuzhi CMS v4.1.0 contains a remote code execution (RCE) vulnerability in \attachment\admin\index.php. | 8.8 |
| 2021-09-22 | CVE-2021-3583 | Code Injection vulnerability in Redhat Ansible Automation Platform and Ansible Tower A flaw was found in Ansible, where a user's controller is vulnerable to template injection. | 7.1 |
| 2021-09-20 | CVE-2021-39402 | Code Injection vulnerability in Maianmedia Maianaffiliate 1.0 MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel. | 7.2 |
| 2021-09-16 | CVE-2021-39128 | Code Injection vulnerability in Atlassian Jira Data Center and Jira Server Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to execute arbitrary Java code via a server-side template injection vulnerability in the Email Template feature. | 7.2 |
| 2021-09-15 | CVE-2021-33693 | Code Injection vulnerability in SAP Cloud Connector 2.0 SAP Cloud Connector, version - 2.0, allows an authenticated administrator to modify a configuration file to inject malicious codes that could potentially lead to OS command execution. | 6.8 |