Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-11 | CVE-2018-8284 | Code Injection vulnerability in Microsoft products A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2. | 8.1 |
| 2018-07-10 | CVE-2018-2427 | Code Injection vulnerability in SAP products SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application. | 8.8 |
| 2018-07-10 | CVE-2018-13818 | Code Injection vulnerability in Symfony Twig Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the search search_key parameter. | 9.8 |
| 2018-07-06 | CVE-2018-3608 | Code Injection vulnerability in Trendmicro products A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes. | 9.8 |
| 2018-07-06 | CVE-2017-1329 | Code Injection vulnerability in IBM products IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. | 5.4 |
| 2018-07-06 | CVE-2017-1248 | Code Injection vulnerability in IBM products IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. | 6.1 |
| 2018-07-06 | CVE-2017-1242 | Code Injection vulnerability in IBM products IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. | 5.4 |
| 2018-07-01 | CVE-2018-13043 | Code Injection vulnerability in multiple products scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing. | 9.8 |
| 2018-06-29 | CVE-2018-12995 | Code Injection vulnerability in Onefilecms onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the Upload screen. | 8.8 |
| 2018-06-29 | CVE-2018-12994 | Code Injection vulnerability in Onefilecms onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the New File screen. | 8.8 |