Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-29 | CVE-2019-11594 | Code Injection vulnerability in Getadblock Adblock In AdBlock before 3.45.0, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect. | 8.1 |
| 2019-04-29 | CVE-2019-11593 | Code Injection vulnerability in Adblockplus Adblock Plus In Adblock Plus before 3.5.2, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect. | 8.1 |
| 2019-04-22 | CVE-2011-1830 | Code Injection vulnerability in Ekiga Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so. | 8.8 |
| 2019-04-20 | CVE-2019-11376 | Code Injection vulnerability in Brassica SOY CMS 3.0.2 SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. | 7.2 |
| 2019-04-09 | CVE-2019-10633 | Code Injection vulnerability in Zyxel Nas326 Firmware 5.21 An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs. | 8.8 |
| 2019-04-04 | CVE-2019-10863 | Code Injection vulnerability in Combodo Teemip A command injection vulnerability exists in TeemIp versions before 2.4.0. | 7.2 |
| 2019-04-04 | CVE-2019-10842 | Code Injection vulnerability in Getbootstrap Bootstrap-Sass 3.2.0.3 Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. | 9.8 |
| 2019-04-01 | CVE-2019-10684 | Code Injection vulnerability in 74Cms 5.0.1 Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers to execute arbitrary PHP code via the index.php?m=Admin&c=config&a=edit site_domain parameter. | 9.8 |
| 2019-03-29 | CVE-2017-18108 | Code Injection vulnerability in Atlassian Crowd The administration SMTP configuration resource in Atlassian Crowd before version 2.10.2 allows remote attackers with administration rights to execute arbitrary code via a JNDI injection. | 7.2 |
| 2019-03-27 | CVE-2018-19641 | Code Injection vulnerability in Microfocus Solutions Business Manager Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | 9.8 |