30 matches found
LiteLLM 代码注入漏洞
LiteLLM is an open source application from Berri AI. All LLM APIs can be called using the OpenAI format. LiteLLM suffers from a code injection vulnerability that stems from improper control over code generation, leading to a remote code execution RCE vulnerability...
The vulnerability of Visual Studio Code’s source editor is related to inadequate control over code generation, allowing attackers to execute arbitrary code.
The vulnerability of the Visual Studio Coded source editor is related to inadequate control over code generation. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
CVE-2022-40628
The CVE-2022-40628 affects Tacitine Firewall EN6200-PRIME QUAD-35 and EN6200-PRIME QUAD-100, versions 19.1.1–22.20.1. Root cause: improper control of code generation in the web-based management interface, enabling an unauthenticated remote attacker to send a crafted HTTP request and execute arbit...
PT-2022-17811 · Hestiacp · Hestiacp
Name of the Vulnerable Software and Affected Versions: hestiacp/hestiacp versions prior to 1.6.6 Description: The issue is related to improper control of generation of code, also known as 'code injection', and improper input validation in the hestiacp/hestiacp GitHub repository. Recommendations:...
The vulnerability of Microsoft Visual Studio Code’s editor, related to errors in code generation control, allows a hacker to execute arbitrary code.
The vulnerability of Microsoft Visual Studio Code’s source editor is related to errors in code generation control. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of Microsoft Visual Studio Code’s editor, related to errors in code generation control, allows a hacker to execute arbitrary code.
The vulnerability of Microsoft Visual Studio Code’s source editor is related to errors in code generation control. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability affects the runtime of procedure calls in Microsoft Windows operating systems, allowing an attacker to execute arbitrary code.
The vulnerability of remote procedure call runtime in Microsoft Windows operating systems is related to errors in code generation control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the dissection engine component in the Wireshark network traffic analyzer allows a hacker to cause a service failure.
The vulnerability of the dissection engine component in the Wireshark computer network analysis tool is related to a lack of mechanisms for controlling code generation. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the AV1 Video Extension codec, related to improper code generation control, allows a perpetrator to execute arbitrary code.
The vulnerability of the AV1 Video Extension codec is related to incorrect code generation control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
PT-2020-4157 · Microsoft · Windows Media Audio Decoder +1
Name of the Vulnerable Software and Affected Versions: Windows Media Audio Decoder affected versions not specified Description: A remote code execution issue exists due to improper handling of objects by Windows Media Audio Decoder, allowing an attacker to potentially take control of an affected...