PT-2021-4815 · Microsoft · Virtual Machine Bus +1

Name of the Vulnerable Software and Affected Versions: Microsoft Virtual Machine Bus VMBus affected versions not specified Description: The issue is related to incorrect code generation management in the Microsoft Virtual Machine Bus VMBus component of the Windows operating system. This allows a...

PT-2021-4804 · Microsoft · Com +1

Name of the Vulnerable Software and Affected Versions: Microsoft COM for Windows affected versions not specified Description: The issue is related to incorrect code generation management in the Microsoft COM component of the Windows operating system. This can be exploited by a remote attacker to...

PT-2021-5003 · Microsoft · Malware Protection Engine

Name of the Vulnerable Software and Affected Versions: Microsoft Malware Protection Engine MPE affected versions not specified Description: The issue is related to errors in code generation management within the Microsoft Malware Protection Engine MPE. Exploitation of this issue may allow an...

PT-2021-5043 · Microsoft · Windows Ntfs +1

Name of the Vulnerable Software and Affected Versions: Windows NTFS affected versions not specified Description: The issue is related to incorrect code generation management in the Windows NTFS file system, allowing remote attackers to execute arbitrary code using a specially crafted request. Thi...

PT-2021-5265 · Microsoft · Windows Media Foundation +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Media Foundation affected versions not specified Description: The issue is related to incorrect code generation management in the Microsoft Windows Media Foundation component of the Windows operating system. It allows remote...

PT-2021-5070 · Microsoft · Office Excel +1

Name of the Vulnerable Software and Affected Versions: Microsoft Excel affected versions not specified Description: The issue is related to incorrect code generation management in Microsoft Excel, allowing remote attackers to execute arbitrary code. This can be exploited by attackers to gain...

Fedora: Security Advisory for CuraEngine (FEDORA-2021-16d848834d)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2021-42754

An improper control of generation of code vulnerability CWE-94 in FortiClientMacOS versions 7.0.0 and below and 6.4.5 and below may allow an authenticated attacker to hijack the MacOS camera without the user permission via the malicious dylib file...

CVE-2021-42754

An improper control of generation of code vulnerability CWE-94 in FortiClientMacOS versions 7.0.0 and below and 6.4.5 and below may allow an authenticated attacker to hijack the MacOS camera without the user permission via the malicious dylib file...

CVE-2021-42754

Fortinet FortiClientMacOS (versions ≤7.0.0 and ≤6.4.5) is affected by CVE-2021-42754 due to an improper control of code generation (CWE-94). A malicious dylib loader can cause FortiClient’s camera handling to hijack the MacOS camera without user permission. The vulnerability requires an authentic...

CVE-2021-42754

An improper control of generation of code vulnerability CWE-94 in FortiClientMacOS versions 7.0.0 and below and 6.4.5 and below may allow an authenticated attacker to hijack the MacOS camera without the user permission via the malicious dylib file...

The vulnerability of the Python programming language library pyxdg, related to improper code generation, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Python programming language library pyxdg is related to the lack of sanitization processing in xdg/Menu.py before the call to eval. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failure...

Generated code can read and write out of bounds in safe code

Code generated by flatbuffers' compiler is unsafe but not marked as such. See https://github.com/google/flatbuffers/issues/6627 for details. For example, if generated code is used to decode malformed or untrusted input, undefined behavior and thus security vulnerabilities is possible even without...

The vulnerability of the software project for packaging and collaborative use of interactive reproducible environments BinderHub, related to improper code generation management, allows a perpetrator to execute arbitrary code.

The vulnerability of the software project for packaging and collaborative use of interactive reproducible environments BinderHub is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the VPN gateway web interface for corporate networks, Pulse Connect Secure, related to improper code generation, allows a hacker to execute arbitrary code.

The vulnerability of the VPN gateway web interface for corporate networks in Pulse Connect Secure is related to incorrect code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of Microsoft Excel editors, related to improper handling of code generation, allows attackers to escalate their privileges.

The vulnerability of Microsoft Excel editors is related to improper handling of code generation. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

The vulnerability of the Media Foundation component in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Media Foundation component in Windows operating systems is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Windows Graphics component of the Windows operating system, related to errors in code generation, allows a hacker to execute arbitrary code.

The vulnerability of the Windows Graphics component of the Windows operating system is related to errors in code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server lies in improper code generation management, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server is related to improper code generation management. Exploitation of this vulnerability can allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the Media Audio Decoder decoder in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Media Audio Decoder driver for the Windows operating system is related to errors in code generation. Exploiting this vulnerability could allow an attacker to execute arbitrary code...