Improper Control of Dynamically-Managed Code Resources

Overview org.webjars.npm:vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources through the WebAssembly.promising and WebAssembly.Suspending JSPI APIs in...

Improper Control of Dynamically-Managed Code Resources

Overview org.webjars.npm:vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources via the localPromise constructor in lib/setup-sandbox.js. An attacker can obta...

Improper Control of Dynamically-Managed Code Resources

Overview vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources through the lib/bridge.js apply trap and thisEnsureThis proto-walk. An attacker can obtain hos...

Exploit for Improper Control of Dynamically-Managed Code Resources in Apache Airflow_Providers_Http

CVE-2025-69219 — Apache Airflow Providers HTTP RCE via Unsafe...

Crafter CMS has Improper Control of Dynamically-Managed Code Resources

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE Remote Code...

CrafterCMS 安全漏洞

CrafterCMS is a Java-based CMS developed by CrafterCMS Inc. There is a security vulnerability in CrafterCMS, which stems from improper control over dynamically managed code resources. This vulnerability could allow authenticated developers to bypass sandbox restrictions and execute OS commands...

Exploit for Improper Control of Dynamically-Managed Code Resources in N8N

Poc Proof of Concept 1. Open n8n in your browser -...

Improper Control of Dynamically-Managed Code Resources

Overview n8n-workflow is a Workflow base code of n8n Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources via the workflow expression evaluation system. An authenticated attacker can execute arbitrary code with the privileges of the underlying...

CVE-2025-14695 SamuNatsu HaloBot Inter-plugin API index.js html_renderer dynamically-managed code resources

A vulnerability was determined in SamuNatsu HaloBot up to 026b01d4a896d93eaaf9d5163a287dc9f267515b. Affected is the function htmlrenderer of the file plugins/htmlrenderer/index.js of the component Inter-plugin API. Executing manipulation of the argument action can lead to dynamically-managed code...

CVE-2025-14695 SamuNatsu HaloBot Inter-plugin API index.js html_renderer dynamically-managed code resources

A vulnerability was determined in SamuNatsu HaloBot up to 026b01d4a896d93eaaf9d5163a287dc9f267515b. Affected is the function htmlrenderer of the file plugins/htmlrenderer/index.js of the component Inter-plugin API. Executing manipulation of the argument action can lead to dynamically-managed code...

CVE-2025-14695

This CVE concerns SamuNatsu HaloBot, affecting the Inter-plugin API component. The vulnerability is in plugins/html_renderer/index.js, within the html_renderer function, where manipulation of the action argument can result in dynamically-managed code resources. The issue is exploitable remotely a...

HaloBot 安全漏洞

HaloBot is a robotics framework by the individual developers at SNRainiar. A security vulnerability exists in HaloBot, which stems from the incorrect manipulation of the parameter action in the file plugins/htmlrenderer/index.js, which could lead to dynamically managed code resources...

CVE-2025-13659

Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attacker to write arbitrary files on the server, potentially leading to remote code execution. User interaction is required...

Synology DiskStation Manager (DSM) Privilege Escalation (Synology-SA-24:27) - Remote Known Vulnerable Versions Check

Synology DiskStation Manager DSM is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2024-5401

Improper control of dynamically-managed code resources vulnerability in WebAPI component in Synology DiskStation Manager DSM before 7.1.1-42962-8 and 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote authenticated users to obtain privileges witho...

CVE-2025-26405

Improper control of dynamically-managed code resources for some IntelR NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

CVE-2025-26405

Affected product: Intel® NPU Driver for Linux (Ring 3: User Applications). Vulnerability: Improper control of dynamically-managed code resources can lead to a denial of service. An unprivileged, authenticated user with low attack complexity and passive user interaction may trigger DoS via local a...

CVE-2025-26405

Improper control of dynamically-managed code resources for some IntelR NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

VulnCheck KEV: CVE-2023-50386

Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. In the affected...

Arbitrary Code Execution

@thi.ng/paths is vulnerable to arbitrary code execution. The vulnerability is due to improper control of dynamically-managed code resources due to the handling of object properties in the mutIn and mutInManyUnsafe methods...