CVE-2023-6548

Improper Control of Generation of Code 'Code Injection' in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated low privileged remote code execution on Management Interface...

The vulnerability of the user interface for searching the platform that creates collaborative web applications – XWiki Platform. XWiki allows a perpetrator to execute arbitrary code.

The vulnerability of the user interface for searching the XWiki Platform, a platform for creating collaborative web applications, is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the XWiki platform, which is related to improper code generation management, allows a perpetrator to execute arbitrary code.

The vulnerability of the XWiki Platform lies in improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the Struts2 software component for managing power supply sources in Voltronic Power View allows a perpetrator to execute arbitrary code.

The vulnerability of the Struts2 component in the software for managing power sources of Voltronic Power ViewPower Pro is related to improper code generation. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

CVE-2023-47840

Improper Control of Generation of Code 'Code Injection' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2...

CVE-2023-46623

Improper Control of Generation of Code 'Code Injection' vulnerability in TienCOP WP EXtra.This issue affects WP EXtra: from n/a through 6.2...

PT-2023-8708 · Unknown · Myq Print Server

Name of the Vulnerable Software and Affected Versions: MyQ Print Server affected versions not specified Description: The issue is related to incorrect code generation management in the MyQ Print Server, allowing a remote attacker to execute arbitrary code. This could potentially expose sensitive...

The vulnerability of the Helix Core version control software, related to improper code generation management, allows a perpetrator to execute arbitrary code.

The vulnerability of the Helix Core version control software is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Apache OFBiz resource planning software lies in its incorrect code generation management, allowing attackers to execute arbitrary code.

The vulnerability of the Apache OFBiz resource planning software lies in improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

PT-2023-32139 · Frauscher · Fds102 For Fadc/Fadci +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: This issue allows a remote attacker with low privileges to exploit Improper Control of Generation of Code, also known as 'Code Injection', to gain full...

The vulnerability of the Apache Airflow Hive Provider, a network software tool, arises from improper code generation management. This allows an attacker to execute arbitrary code.

The vulnerability of the Apache Airflow Hive Provider network software is related to incorrect code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the GE Proficy HMI/SCADA iFIX software control system lies in improper code generation, which allows attackers to gain full control over the software.

The vulnerability of the GE Proficy HMI/SCADA iFIX supervisory control software lies in improper code generation. Exploiting this vulnerability can allow an attacker to gain full control over the software by introducing a malicious configuration file into the expected web server execution path...

The vulnerability of the agent of the Zabbix monitoring system allows a intruder to execute arbitrary code.

The vulnerability of the Zabbix universal monitoring agent is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the WEB CLI interface (component koko) of the JumpServer security audit system allows a perpetrator to execute arbitrary commands.

The vulnerability of the WEB CLI interface component koko of the JumpServer security audit and maintenance system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the WebAssembly module of the Node.js software platform, allowing a hacker to execute arbitrary commands

The vulnerability of the WebAssembly module in the Node.js software platform is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of Visual Studio Code’s source editor is related to inadequate control over code generation, allowing attackers to execute arbitrary code.

The vulnerability of the Visual Studio Coded source editor is related to inadequate control over code generation. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the Electron application development framework is related to inadequate control over code generation, allowing attackers to execute arbitrary code.

The vulnerability of the Electron application development framework is related to inadequate control over code generation. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of the virtual learning environment Moodle, related to improper code generation, allows a perpetrator to execute arbitrary code.

The vulnerability in the virtual learning environment Moodle is related to incorrect code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the virtual learning environment Moodle, related to improper code generation, allows a perpetrator to execute arbitrary code.

The vulnerability in the virtual learning environment Moodle is related to incorrect code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Weak 2FA Code Generation

Fides is vulnerable to Weak Code Generation. The vulnerability is due to the usage of the python random module used for generating one time codes in the Privacy and Consent request process which is considered to be a cryptographically weak pseudo-random number generator. This issue allows an...