The vulnerability of the sys/audit component in the Vault Enterprise and Vault Community Edition enterprise information archiving platform allows a perpetrator to gain unauthorized access to execute arbitrary code.

The vulnerability of the sys/audit component in the Vault Enterprise and Vault Community Edition enterprise information archiving platforms is related to improper code generation management. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to...

CVE-2024-10094

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...

CVE-2024-10094

CVE-2024-10094 affects Pega Platform versions 6.x through Infinity 24.1.1 due to an issue with Improper Control of Generation of Code. Connected sources consistently identify this as the affected product and root cause. Public details mention a large range of versions but do not provide a confirm...

The vulnerability of Microsoft Edge browser, related to improper code generation, allows attackers to bypass existing security restrictions.

The vulnerability of Microsoft Edge is related to improper handling of code generation. Exploiting this vulnerability can allow a remote attacker to bypass existing security restrictions...

The vulnerability of the `AlertUtil::validateExpression` method (/api/v1/events/subscriptions/validation/condition/) of the OpenMetadata platform allows a perpetrator to execute arbitrary code.

The vulnerability of the ‎AlertUtil::validateExpression /api/v1/events/subscriptions/validation/condition/ method of the OpenMetadata platform is related to improper handling of code generation. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

PT-2024-3297 · Microsoft · Windows Dns Server +1

Name of the Vulnerable Software and Affected Versions: Windows DNS Server affected versions not specified Description: The issue is related to incorrect code generation management in the Windows DNS server, allowing remote attackers to execute arbitrary code and affect the system. Recommendations...

PT-2023-4252 · Sap · Sap Powerdesigner +2

Name of the Vulnerable Software and Affected Versions: SAP SQLA for PowerDesigner 17 bundled with SAP PowerDesigner 16.7 SP06 PL03 Description: The issue is related to the integration of a malicious library due to incorrect code generation management in the SAP SQL Anywhere tool for SAP...

The vulnerability of the Microsoft Office Access Connectivity Engine component of the Microsoft Office software suite, related to improper code generation, allows a malicious actor to execute arbitrary code.

The vulnerability of the Microsoft Office Access Connectivity Engine component of the Microsoft Office software suite is related to improper code generation. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

GHSA-49J7-QGHP-5WJ8 Improper Control of Generation of Code in HawtJNI

Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file with a predictable name in /tmp...

PT-2022-2871 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to incorrect code generation management in the Win32 Stream Enumeration component of Windows operating systems. It allows remote attackers to execute arbitrary code and...

The vulnerability of the Windows IKE extension in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Windows IKE extension in operating systems is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

PT-2022-1667 · Microsoft · Windows 11 +4

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version windows10 windows 11 win srv 19 win srv 22 Description: The issue is related to incorrect code generation management in the Windows Runtime component of the Windows operating system. This...

PT-2022-1856 · Microsoft · Azure Site Recovery

Name of the Vulnerable Software and Affected Versions: Azure Site Recovery affected versions not specified Description: The issue is related to incorrect code generation management in Azure Site Recovery, allowing a remote attacker to execute arbitrary code. Recommendations: At the moment, there ...

The vulnerability of NETGEAR’s Wi-Fi routers, namely RBK40, RBR40, and RBS40, stems from improper handling of the cryptographic generation process. This allows attackers to execute a Server Side Include Injection (SSI) attack.

The vulnerability of the built-in Wi-Fi router software from NETGEAR, namely RBK40, RBR40, and RBS40, is related to incorrect code generation. Exploiting this vulnerability could allow an attacker to execute a Server Side Include Injection SSI attack...

PT-2022-1685 · Microsoft · Windows Resilient File System +1

Name of the Vulnerable Software and Affected Versions: Windows Resilient File System ReFS affected versions not specified Description: The issue is related to incorrect code generation management in the Windows Resilient File System, which can be exploited to execute arbitrary code. This allows a...

PT-2021-3834 · Microsoft · Windows Graphics +1

Name of the Vulnerable Software and Affected Versions: Windows Graphics Component affected versions not specified Description: The issue is related to incorrect code generation management in the Graphics Component of Windows operating systems. It allows a remote attacker to execute arbitrary code...

PT-2021-5714 · Microsoft · Windows Dns Server +1

Name of the Vulnerable Software and Affected Versions: Windows DNS Server affected versions not specified Description: The issue is related to incorrect code generation management in the DNS Server component of the Microsoft Windows operating system. It allows remote attackers to execute arbitrar...

PT-2021-5230 · Unknown · Hevc Video Extensions

Name of the Vulnerable Software and Affected Versions: HEVC Video Extensions affected versions not specified Description: The issue is related to incorrect code generation management in the application. It may allow a remote attacker to execute arbitrary code. Recommendations: At the moment, ther...

PT-2021-3373 · Unknown · Vp9 Video Extensions

Name of the Vulnerable Software and Affected Versions: VP9 Video Extensions affected versions not specified Description: The issue is related to incorrect code generation management in the VP9 Video Extensions package. An attacker can exploit this by sending a specially crafted request, potential...

The vulnerability of the Microsoft Exchange Server mail server, related to improper code generation, allows a hacker to execute arbitrary code.

The vulnerability of Microsoft Exchange Server is related to incorrect code generation management. Exploitation of this vulnerability can allow a remote attacker to execute arbitrary code...