The vulnerability of the OLE Automation technology implementation in Microsoft Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the OLE Automation technology implementation in Microsoft Windows operating systems is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

SQL Injection Vulnerability in Ricochet Cloud Group Live Code Generation System (CNVD-2021-41720)

RikerCloud live code management system is an open source, free, live code system that can be operated online to improve efficiency, get more resources and so on. A SQL injection vulnerability exists in the Ricochet Cloud Live Code Generation System, which can be exploited by attackers to obtain...

The vulnerability of Microsoft Office packages and Microsoft Office Web Apps arises from improper code generation management, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and Microsoft Office Web Apps is related to improper code generation during the processing of COM objects. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malware file or a specially crafted...

The vulnerability of components of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server allows a perpetrator to execute arbitrary code.

The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server’s Web Part components is related to improper code generation management. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of the Microsoft Exchange Server mail server, related to improper code generation, allows a hacker to execute arbitrary code.

The vulnerability of Microsoft Exchange Server is related to incorrect code generation management. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVE-2021-32629 Memory access due to code generation flaw in Cranelift module

Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation into executable machine code. There is a bug in 0.73 of the Cranelift x64 backend that can create a scenario that could result in a potential sandbox escape i...

The vulnerability of the Hyper-V component of the Windows operating system, related to improper code generation, allows a perpetrator to execute arbitrary code.

The vulnerability of the Hyper-V component of the Windows operating system is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of Microsoft Office Web Apps Server, Microsoft Office, Office Online Server, and Microsoft Excel stems from improper code generation management, allowing attackers to execute arbitrary code.

The vulnerability of Microsoft Office Web Apps Server, Microsoft Office, Office Online Server, and Microsoft Excel is related to improper code generation. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

The vulnerability of Skype for Business Server (Microsoft Lync Server) in corporate communication servers, related to improper code generation, allows attackers to execute arbitrary code.

The vulnerability of Skype for Business Server Microsoft Lync Server corporate communication servers is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of Visual Studio Code’s source editor on Windows, related to improper handling of code generation, allows attackers to execute arbitrary code.

The vulnerability of Visual Studio Code Windows editor is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created file from a remote location...

Memory access due to code generation flaw in Cranelift module

There is a bug in 0.73.0 of the Cranelift x64 backend that can create a scenario that could result in a potential sandbox escape in a WebAssembly module. Users of versions 0.73.0 of Cranelift should upgrade to either 0.73.1 or 0.74 to remediate this vulnerability. Users of Cranelift prior to 0.73...

RUSTSEC-2021-0067 Memory access due to code generation flaw in Cranelift module

There is a bug in 0.73.0 of the Cranelift x64 backend that can create a scenario that could result in a potential sandbox escape in a WebAssembly module. Users of versions 0.73.0 of Cranelift should upgrade to either 0.73.1 or 0.74 to remediate this vulnerability. Users of Cranelift prior to 0.73...

Vulnerability of the Windows Media Foundation Core component in Microsoft Windows operating systems, allowing attackers to execute arbitrary code

The vulnerability of the Windows Media Foundation Core component in Microsoft Windows operating systems is related to improper code generation. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of Web Media Extensions, related to improper code generation management, allows a hacker to execute arbitrary code.

The vulnerability of the Web Media Extensions extension package is related to incorrect code generation management. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the Microsoft Exchange Server mail server, related to improper code generation, allows a hacker to execute arbitrary code.

The vulnerability of Microsoft Exchange Server is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator

Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. This...

GHSA-23X4-M842-FMWF Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator

Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. This...

PT-2021-3138 · Microsoft · Visual Studio Code

Name of the Vulnerable Software and Affected Versions: Visual Studio Code affected versions not specified Description: The issue is related to incorrect code generation management in Visual Studio Code. Exploitation of this issue may allow an attacker to execute arbitrary code using a specially...

PT-2021-3044 · Microsoft · Lync +3

Name of the Vulnerable Software and Affected Versions: Skype for Business and Lync affected versions not specified Description: The issue is related to incorrect code generation management in the Skype for Business Server Microsoft Lync Server, which can be exploited by a remote attacker to execu...

PT-2021-3149 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to the incorrect management of code generation in the implementation of OLE Automation technology in Microsoft Windows. This can be exploited by a remote...