The vulnerability of the htmlawed module in the GLPI system for job requests, incidents, and computer equipment inventory allows a hacker to inject arbitrary PHP code.

The vulnerability of the htmlawed module in the GLPI system for job requests, incidents, and computer equipment inventory management is related to incorrect code generation. Exploiting this vulnerability allows a malicious actor to inject arbitrary PHP code remotely...

The vulnerability of the PHP Smarty templater, related to improper handling of code generation, allows attackers to execute arbitrary PHP code.

The vulnerability of the PHP Smarty templater is related to improper handling of code generation. Exploiting this vulnerability allows an attacker to execute arbitrary PHP code on the target system...

CVE-2024-21760

An improper control of generation of code 'Code Injection' vulnerability CWE-94 in FortiSOAR Connector FortiSOAR 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an authenticated attacker to execute arbitrary code on the host via a playbook code...

Fortinet FortiSOAR 代码注入漏洞

Fortinet FortiSOAR is a Security Orchestration, Automation and Response SOAR solution from Fortinet. A code injection vulnerability exists in Fortinet FortiSOAR that stems from improper code generation controls and can be exploited by an attacker to cause arbitrary code to be executed...

The vulnerability in the GraphQL library for Ruby and the git-based software platform for collaborative code development on GitLab CE/EE arises from improper code generation management. This vulnerability allows a perpetrator to execute arbitrary code.

The vulnerability of the GraphQL library for Ruby and the git-based software platform used for collaborative code development on GitLab CE/EE is related to improper code generation management. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the Model.load_model function in the Keras library allows a hacker to execute arbitrary code.

The vulnerability of the Model.loadmodel function in the Keras library is related to incorrect code generation. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability in the WebAssembly component of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, allows a attacker to trigger a service failure.

The vulnerability of the WebAssembly component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, is related to improper code generation. Exploiting this vulnerability can allow an attacker to cause service interruptions...

The vulnerability of the SAP BusinessObjects Business Intelligence Platform, related to improper code generation management, allows attackers to execute arbitrary code, gain unauthorized access to protected information, and enhance their privileges.

The vulnerability of the SAP BusinessObjects Business Intelligence Platform is related to improper code generation management. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely, gain unauthorized access to protected information, and increase their privileges...

The vulnerability of the Windows operating system’s Search service allows a perpetrator to escalate their privileges.

The vulnerability of the Windows operating system’s Search service is related to improper code generation management. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the formexeCommand() function in the Tenda AC6 router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the formexeCommand function in the Tenda AC6 router’s microprogramming software is related to incorrect code generation during the processing of the cmdinput parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the XWiki.SearchSuggestSourceClass class in the XWiki platform, a collaborative web application platform. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the XWiki.SearchSuggestSourceClass in the XWiki platform is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

CVE-2025-0161

IBM Security Verify Access Appliance 10.0.0.0 through 10.0.0.9 and 11.0.0.0 could allow a local user to execute arbitrary code due to improper restrictions on code generation...

CVE-2025-0161

IBM Security Verify Access Appliance 10.0.0.0 through 10.0.0.9 and 11.0.0.0 could allow a local user to execute arbitrary code due to improper restrictions on code generation...

CVE-2025-0161

IBM Security Verify Access Appliance 10.0.0.0 through 10.0.0.9 and 11.0.0.0 could allow a local user to execute arbitrary code due to improper restrictions on code generation...

IBM Security Verify Access 代码注入漏洞

IBM Security Verify Access ISAM is a service from International Business Machines IBM that improves user access security. A code injection vulnerability exists in IBM Security Verify Access versions 10.0.0.0 through 10.0.0.9 and 11.0.0.0, which stems from improper restrictions on code generation...

The vulnerability in the kernel of operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS allows attackers to escalate their privileges and execute arbitrary code.

The vulnerability of the kernel in operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS is related to improper code generation. Exploiting this vulnerability can allow attackers to increase their privileges and execute arbitrary code...

firefox: thunderbird: A bug in WebAssembly code generation could result in a crash

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A bug in WebAssembly code generation could lead to a crash. It may be possible for an attacker to leverage this to achieve code execution...

firefox: thunderbird: A bug in WebAssembly code generation could result in a crash

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A bug in WebAssembly code generation could lead to a crash. It may be possible for an attacker to leverage this to achieve code execution...

The vulnerability of the numexpr library in the framework for creating applications based on the combination of model languages like LangChain allows attackers to execute arbitrary code.

The vulnerability of the numexpr library used by the LangChain model-based application framework is related to improper code generation control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

firefox: thunderbird: A bug in WebAssembly code generation could result in a crash

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A bug in WebAssembly code generation could lead to a crash. It may be possible for an attacker to leverage this to achieve code execution...