1540 matches found

Fedora
added 2024/10/24 1:20 a.m. | 7 views

[SECURITY] Fedora 39 Update: rust-pyo3-macros-backend-0.22.4-1.fc39

Code generation for PyO3 package...

7.5 AI score
Exploits 0
BDU FSTEC
added 2024/10/21 12:0 a.m. | 2 views

The vulnerability of the Expressions function on the Grafana monitoring and observation platform allows a hacker to execute arbitrary code.

The vulnerability of the Expressions function on the Grafana monitoring and observation platform is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by injecting specially crafted SQL queries...

9.9 CVSS | 7.1 AI score | 0.94047 EPSS
Exploits 9 | References 5 | Affected Software 1
Positive Technologies
added 2024/10/16 12:0 a.m. | 2 views

PT-2024-33392 · Sunjianle · Ajax-Extend

Name of the Vulnerable Software and Affected Versions: Sunjianle ajax-extend versions n/a through 1.0. Description: The issue is related to improper control of code generation, allowing code injection. This vulnerability exists in Sunjianle and affects the ajax-extend component. Recommendations: F...

10 CVSS | 7.5 AI score | 0.00703 EPSS
Exploits 0 | References 7
CNNVD
added 2024/10/16 12:0 a.m. | 1 views

WordPress plugin ajax-extend code injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code injection...

10 CVSS | 7.4 AI score | 0.00703 EPSS
Exploits 0 | References 3
BDU FSTEC
added 2024/10/08 12:0 a.m. | 1 views

The vulnerability of the Cacti network monitoring software lies in improper code generation, which allows an attacker to execute arbitrary code.

The vulnerability of the Cacti network monitoring software is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by injecting specially crafted PHP code into log files...

9 CVSS | 8.2 AI score | 0.75133 EPSS
Exploits 2 | References 2 | Affected Software 1
OSV
added 2024/10/07 6:15 p.m. | 3 views

CVE-2024-46076

RuoYi v4.7.9 and before has a security flaw that allows escaping from comments within the code generation feature, enabling the injection of malicious code...

9.8 CVSS | 7.3 AI score
Exploits 0 | References 2
CNNVD
added 2024/10/07 12:0 a.m. | 2 views

RuoYi security vulnerability

RuoYi is a backend management system for individual developers in China. A security vulnerability exists in RuoYi v4.7.9 and prior versions, which stems from the ability to escape from comments in the code generation function, thereby injecting malicious code...

9.8 CVSS | 7 AI score | 0.00401 EPSS
Exploits 0 | References 3
Cvelist
added 2024/10/07 12:0 a.m. | 11 views

CVE-2024-46076

RuoYi v4.7.9 and before has a security flaw that allows escaping from comments within the code generation feature, enabling the injection of malicious code...

0.00401 EPSS
Exploits 0 | References 2
CVE
added 2024/10/07 12:0 a.m. | 47 views

CVE-2024-46076

CVE-2024-46076 affects RuoYi v4.7.9 and earlier. The flaw allows escaping from comments inside the code generation feature, enabling injection of malicious code. The connected sources consistently state affected versions and the code-generation comment-escape issue; no remediation details are pro...

9.8 CVSS | 7.6 AI score | 0.00401 EPSS
Exploits 0 | References 2 | Affected Software 1
Vulnrichment
added 2024/10/07 12:0 a.m. | 10 views

CVE-2024-46076

RuoYi v4.7.9 and before has a security flaw that allows escaping from comments within the code generation feature, enabling the injection of malicious code...

7.4 AI score | 0.00401 EPSS
Exploits 0 | References 2
BDU FSTEC
added 2024/10/03 12:0 a.m. | 1 views

The vulnerability of the readCodeFor function in the mysql2 library allows a hacker to execute arbitrary code.

The vulnerability of the readCodeFor function in the mysql2 library relates to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10 CVSS | 8.2 AI score | 0.00172 EPSS
Exploits 0 | References 5 | Affected Software 1
Gentoo Linux
added 2024/09/24 12:0 a.m. | 15 views

GCC: Flawed Code Generation

Background: The GNU Compiler Collection includes front ends for C, C++, Objective-C, Fortran, Ada, Go, D and Modula-2 as well as libraries for these languages (libstdc++, ...). Description: A vulnerability has been discovered in GCC. Please review the CVE identifier referenced below for details. Impac...

7.5 CVSS | 6.8 AI score | 0.00537 EPSS
Exploits 0
Tenable Nessus
added 2024/09/24 12:0 a.m. | 14 views

GLSA-202409-22 : GCC: Flawed Code Generation

The remote host is affected by the vulnerability described in GLSA-202409-22 (GCC: Flawed Code Generation). A vulnerability has been discovered in GCC. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo Linux...

7.5 CVSS | 6.9 AI score | 0.00537 EPSS
Exploits 0 | References 3
BDU FSTEC
added 2024/09/24 12:0 a.m. | 1 views

The vulnerability of the msp_info_htm function in D-Link DI-8300 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the msp_info_htm function in D-Link DI-8300 router microprogramming software is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using the GET request...

10 CVSS | 6 AI score | 0.00982 EPSS
Exploits 1 | References 4 | Affected Software 1
BDU FSTEC
added 2024/09/24 12:0 a.m. | 1 views

The vulnerability of the eval function in software platforms for automating data exchange between MindsDB queues allows a hacker to execute arbitrary code.

The vulnerability of the eval function in software platforms for automating data exchange between MindsDB queues is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing a specially crafted INSERT query...

9 CVSS | 6 AI score | 0.00555 EPSS
Exploits 1 | References 5 | Affected Software 1
BDU FSTEC
added 2024/09/24 12:0 a.m. | 1 views

The vulnerability of the eval function in software platforms for automating data exchange between MindsDB queues allows a hacker to execute arbitrary code.

The vulnerability of the eval function in software platforms for automating data exchange between MindsDB queues is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing a specially crafted INSERT query...

9 CVSS | 6 AI score | 0.00555 EPSS
Exploits 1 | References 5 | Affected Software 1
BDU FSTEC
added 2024/09/20 12:0 a.m. | 1 views

The vulnerability of the application software interface of the backup and recovery software for Veeam Service Provider Console (VSPC) for remote and cloud customers allows a perpetrator to execute arbitrary code.

The vulnerability of the application software interface for data backup and restoration solutions for Veeam Service Provider Console (VSPC) remote and cloud customers is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

8.5 CVSS | 8 AI score | 0.03199 EPSS
Exploits 0 | References 2 | Affected Software 1
BDU FSTEC
added 2024/09/20 12:0 a.m. | 1 views

The vulnerability of the backup and data recovery software for Veeam Service Provider Console (VSPC) clients that are located remotely or in the cloud lies in improper code generation. This allows an attacker to execute arbitrary code.

The vulnerability of the backup and data recovery software for Veeam Service Provider Console (VSPC) for remote and cloud-based customers is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

8.5 CVSS | 8 AI score | 0.03199 EPSS
Exploits 0 | References 2 | Affected Software 1
BDU FSTEC
added 2024/09/18 12:0 a.m. | 1 views

The vulnerability of the Apache InLong data integration platform, related to improper control over code generation, allows attackers to execute arbitrary code.

The vulnerability of the Apache InLong data integration platform is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10 CVSS | 6 AI score | 0.06789 EPSS
Exploits 0 | References 6 | Affected Software 1
ATTACKERKB
added 2024/09/16 3:15 p.m. | 2 views

CVE-2024-7104

Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww.Winsure allows Code Injection. This issue affects ww.Winsure: before 4.6.2...

9.8 CVSS | 5.8 AI score | 0.00254 EPSS
Exploits 0 | References 3