CVE-2024-1552

Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.Note: This issue only affects 32-bit ARM devices. This vulnerability affects Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8...

Security Vulnerabilities fixed in Firefox 123 — Mozilla

When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website with the victim...

Security Vulnerabilities fixed in Thunderbird 115.8 — Mozilla

When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website with the victim...

Mozilla Firefox ESR < 115.8

The version of Firefox ESR installed on the remote Windows host is prior to 115.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-06 advisory. - Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.Note:...

The vulnerability of the SAP Application Interface Framework, a software tool for developing and managing application interfaces, arises from improper code generation. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the SAP Application Interface Framework, a software tool for developing and managing application interfaces, is related to improper code generation. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of data...

The vulnerability of the Inter-Device Communication component of Cisco Firepower Threat Defense’s microprogramming software and Cisco Firepower Management Center’s network management software allows a attacker to execute arbitrary commands with root privileges.

The vulnerability of the Inter-Device Communication component of Cisco Firepower Threat Defense’s microprogramming-based network interface controllers, as well as the Cisco Firepower Management Center’s network management software, is related to improper code generation. Exploiting this...

The vulnerability of the XWiki platform, which is related to improper code generation management, allows a perpetrator to execute arbitrary code.

The vulnerability of the XWiki Platform lies in improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

VulnCheck KEV: CVE-2024-25918

Improper Control of Generation of Code 'Code Injection' vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through = 0.1.0.8...

The vulnerability of the XWiki Platform, related to improper code generation management, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the XWiki Platform lies in improper code generation management. Exploiting this vulnerability allows an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of protected information through the use of the section URL parameter...

The vulnerability of the Extensive VC Addons plugin of the WordPress content management system allows attackers to expose sensitive information that should be protected.

The vulnerability of the Extensive VC Addons plugin of the WordPress content management system is related to improper code generation. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

PT-2024-5016 · Sap · Sap Aba

Name of the Vulnerable Software and Affected Versions: SAP ABA Application Basis versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75I Description: The issue in SAP ABA is related to incorrect code generation management, allowing an attacker with remote execution authorization to use a...

PT-2024-3137 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based affected versions not specified Description: The issue is related to incorrect code generation management in Microsoft Edge, allowing a remote attacker to bypass existing security restrictions. There is no...

The vulnerability of the user registration function of the XWiki Platform allows a perpetrator to execute arbitrary code.

The vulnerability of the user registration function of the XWiki Platform is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the ServiceNow Data Flow data management platform, related to improper code generation, allows a malicious actor to execute arbitrary code.

The vulnerability of the Data Flow management platform ServiceNow is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the digital platform for Miro’s collaborative work with macOS operating systems arises from improper code generation management. This allows a hacker to execute arbitrary code.

The vulnerability of the digital platform for Miro’s collaborative work with macOS operating systems is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the web interface of the E-DDC3.3 automation station’s microprogramming software allows a perpetrator to execute arbitrary commands.

The vulnerability of the E-DDC3.3 automation station’s web interface involves incorrect code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending specially crafted web requests via the CGI protocol...

PT-2024-4418 · Clang +2 · Clang +2

Name of the Vulnerable Software and Affected Versions: LLVM versions prior to 18.1.3 Description: The issue is related to a buffer overflow in memory when handling the LR register connection due to incorrect code generation management. This can lead to an exploitable error in the flow of control,...

The vulnerability of HtmlUnit, a web browser without a graphical interface, is related to improper code generation. This allows attackers to execute arbitrary code.

The vulnerability of HtmlUnit, a browser without a graphical interface, is related to incorrect code generation. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of the AppleMobileFileIntegrity component in the macOS operating system allows a perpetrator to execute arbitrary code.

The vulnerability of the AppleMobileFileIntegrity component in the macOS operating system is related to improper code generation. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of Citrix ADC application delivery controllers (formerly known as Citrix NetScaler Application Delivery Controller) and Citrix Gateway access control systems (formerly known as Citrix NetScaler Gateway) stems from improper code generation, allowing attackers to execute arbitrary code.

The vulnerability of Citrix ADC application delivery controllers formerly known as Citrix NetScaler Application Delivery Controller, as well as the Citrix Gateway access control system formerly known as Citrix NetScaler Gateway, is related to improper code generation. Exploiting this vulnerabilit...