Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-11 | CVE-2021-37694 | Code Injection vulnerability in Asyncapi Java-Spring-Cloud-Stream-Template @asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream (SCSt) microservice. | 7.8 |
2021-08-08 | CVE-2021-38196 | Code Injection vulnerability in Better-Macro Project Better-Macro An issue was discovered in the better-macro crate through 2021-07-22 for Rust. | 9.8 |
2021-08-04 | CVE-2021-36800 | Code Injection vulnerability in Akaunting Akaunting version 2.1.12 and earlier suffers from a code injection issue in the Money.php component of the application. | 9.1 |
2021-08-03 | CVE-2021-31630 | Code Injection vulnerability in Openplcproject Openplc V3 Firmware Command Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the "Hardware Layer Code Box" component on the "/hardware" page of the application. | 8.8 |
2021-08-02 | CVE-2021-24430 | Code Injection vulnerability in Optimocha Speed Booster Pack The Speed Booster Pack ? PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its caching_exclude_urls and caching_include_query_strings settings before outputting them in a PHP file, which could lead to RCE | 7.2 |
2021-08-02 | CVE-2017-18113 | Code Injection vulnerability in Atlassian Data Center and Jira The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a system administrator to import their malicious workflow to execute arbitrary code via a Remote Code Execution (RCE) vulnerability. | 8.8 |
2021-07-26 | CVE-2020-18172 | Code Injection vulnerability in Trezor Bridge 2.0.27 A code injection vulnerability in the SeDebugPrivilege component of Trezor Bridge 2.0.27 allows attackers to escalate privileges. | 9.8 |
2021-07-23 | CVE-2021-25808 | Code Injection vulnerability in Bludit 3.13.1 A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file. | 7.8 |
2021-07-22 | CVE-2021-1518 | Code Injection vulnerability in Cisco Firepower Device Manager On-Box A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. | 8.8 |
2021-07-21 | CVE-2021-32756 | Code Injection vulnerability in Manageiq ManageIQ is an open-source management platform. | 8.8 |