The vulnerability of the Docker Desktop platform for developing and delivering container applications lies in its improper code generation management, allowing an attacker to execute arbitrary code.

The vulnerability of the Docker Desktop platform for developing and delivering container applications is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to inject arbitrary code into the system...

The vulnerability of the OpenEMR software for managing medical organizations, related to improper handling of code generation, allows a hacker to redirect users to any arbitrary URL address.

The vulnerability of the OpenEMR software for managing medical organizations is related to incorrect code generation. Exploiting this vulnerability allows a malicious actor to redirect users to any arbitrary URL address...

The vulnerability of the Ansible Semaphore configuration management interface, related to improper control of code generation, allows a attacker to execute arbitrary code.

The vulnerability of the Ansible Semaphore configuration management interface is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the MODULYS GP (MOD3GP-SY-120K) module-based power supply management web application allows a attacker to execute arbitrary code.

The vulnerability of the MODULYS GP MOD3GP-SY-120K module-based power supply management web application is related to incorrect code generation. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of the JDBC client driver of the IBM DB2 database management system allows a hacker to execute arbitrary code.

The vulnerability of the JDBC client driver of the IBM DB2 database management system is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the JDBC client driver of the IBM DB2 database management system allows a hacker to execute arbitrary code.

The vulnerability of the JDBC client driver of the IBM DB2 database management system is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the go.mod file in the Go programming language allows a hacker to elevate their privileges and execute arbitrary code.

The vulnerability of the go.mod file in the Go programming language is related to improper handling of code generation during the loading of the Go Toolchain. Exploiting this vulnerability allows an attacker to enhance their privileges and execute arbitrary code...

The vulnerability of the Metabase data visualization and reporting software, related to improper code generation management, allows a perpetrator to execute arbitrary code.

The vulnerability of the Metabase data visualization and reporting software is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Amazon Linux 2023 : cpp, gcc, gcc-c++ (ALAS2023-2023-342)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-342 advisory. An issue was found in a defense in depth feature of the GCC compiler on aarch64 platforms. The stack protector feature -fstack-protector did not detect or defend against overflows of dynamically-sized...

Medium: gcc

Issue Overview: An issue was found in a defense in depth feature of the GCC compiler on aarch64 platforms. The stack protector feature -fstack-protector did not detect or defend against overflows of dynamically-sized local variables. This update to the GCC compiler remedies code generation for th...

PT-2023-7219 · Zabbix +3 · Zabbix +3

Name of the Vulnerable Software and Affected Versions: Go versions prior to 1.21 Zabbix affected versions not specified Description: The issue concerns the improper handling of backticks in Javascript template literals within Go templates, potentially allowing for the injection of arbitrary...

The vulnerability of the library for accessing and creating SQLite JDBC files is related to improper code generation. This allows an attacker to execute arbitrary code.

The vulnerability of the library for accessing and creating SQLite JDBC files is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the XWiki Platform, a platform for creating collaborative web applications, related to improper code generation, allows attackers to execute arbitrary code.

The vulnerability of the XWiki Platform lies in improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

PT-2023-5312 · Ansible · Ansible

Name of the Vulnerable Software and Affected Versions: ansible semaphore version 2.8.90 Description: The issue in ansible semaphore allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter. This is related to incorrect code generation management in...

The vulnerability of the Ffmpeg multimedia library in Google Chrome browser allows a hacker to execute arbitrary code.

The vulnerability of the Ffmpeg multimedia library in the Google Chrome browser is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code via a specially crafted HTML page from a remote location...

The vulnerability of the SAP SQL Anywhere relational database management system, related to the incorrect code generation in the SAP PowerDesigner architecture modeling tool, allows an attacker to gain full control over the application.

The vulnerability of the SAP SQL Anywhere relational database management system, related to the integration of a malicious library due to improper code generation, affects the SAP PowerDesigner architecture modeling tool. Exploiting this vulnerability can allow attackers to gain full control over...

PT-2023-4252 · Sap · Sap Powerdesigner +2

Name of the Vulnerable Software and Affected Versions: SAP SQLA for PowerDesigner 17 bundled with SAP PowerDesigner 16.7 SP06 PL03 Description: The issue is related to the integration of a malicious library due to incorrect code generation management in the SAP SQL Anywhere tool for SAP...

The vulnerability of RocketMQ’s messaging platform’s NameServer component allows a hacker to execute arbitrary commands on behalf of a user.

The vulnerability of the NameServer component of the RocketMQ messaging platform is related to incorrect code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on behalf of users remotely...

The vulnerability of the Cgo extension in the Go programming language allows a hacker to execute arbitrary code.

The vulnerability of the Cgo programming language extension is related to improper code generation when processing arguments from the CgoLDFLAGS directive. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of Citrix ADC application delivery controllers (formerly known as Citrix NetScaler Application Delivery Controller) and Citrix Gateway access control systems (formerly known as Citrix NetScaler Gateway) stems from improper code generation, allowing attackers to execute arbitrary code.

The vulnerability of the Citrix ADC application delivery controller formerly Citrix NetScaler Application Delivery Controller and the Citrix Gateway access control system formerly Citrix NetScaler Gateway is related to improper code generation. Exploiting this vulnerability allows a malicious act...