Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-23 | CVE-2024-0004 | Code Injection vulnerability in Purestorage Purity//Fa A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary commands remotely to escalate privilege on the array. | 7.2 |
| 2024-09-19 | CVE-2024-9006 | Code Injection vulnerability in Jeanmarc77 123Solar 1.8.4.5 A vulnerability was found in jeanmarc77 123solar 1.8.4.5. | 8.8 |
| 2024-09-16 | CVE-2024-44623 | Code Injection vulnerability in SPX Graphics Controller An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the child_process.js function. | 9.8 |
| 2024-09-16 | CVE-2024-7104 | Code Injection vulnerability in SFS Winsure Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww.Winsure allows Code Injection.This issue affects ww.Winsure: before 4.6.2. | 9.8 |
| 2024-09-16 | CVE-2024-8880 | Code Injection vulnerability in Playsms A vulnerability classified as critical has been found in playSMS 1.4.4/1.4.5/1.4.6/1.4.7. | 9.8 |
| 2024-09-15 | CVE-2024-8864 | Code Injection vulnerability in Composio A vulnerability has been found in composiohq composio up to 0.5.6 and classified as critical. | 8.8 |
| 2024-09-14 | CVE-2024-8479 | Code Injection vulnerability in Webliberty Simple Spoiler The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in versions 1.2 to 1.3. | 7.3 |
| 2024-09-14 | CVE-2024-8271 | Code Injection vulnerability in Pluginus FOX - Currency Switcher Professional for Woocommerce The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.1. | 7.3 |
| 2024-09-12 | CVE-2024-45846 | Code Injection vulnerability in Mindsdb An arbitrary code execution vulnerability exists in versions 23.10.3.0 up to 24.7.4.1 of the MindsDB platform, when the Weaviate integration is installed on the server. | 8.8 |
| 2024-09-12 | CVE-2024-45847 | Code Injection vulnerability in Mindsdb An arbitrary code execution vulnerability exists in versions 23.11.4.2 up to 24.7.4.1 of the MindsDB platform, when one of several integrations is installed on the server. | 8.8 |