Dynamic Variable Evaluation

Overview composio-core is a Core package to act as a bridge between composio platform and other services. Affected versions of this package are vulnerable to Dynamic Variable Evaluation through the eval function in the mathematicalcalculator endpoint. An attacker can execute arbitrary code by...

CVE-2024-40673

In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...

UBUNTU-CVE-2024-40673

In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...

CVE-2024-40673

In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...

The vulnerability of the Chamilo LMS electronic learning and content management system lies in the lack of measures to neutralize instructions within the dynamically executed code, allowing a violator to execute arbitrary code.

The vulnerability of the Chamilo LMS electronic learning and content management system lies in the lack of measures taken to neutralize instructions within the dynamically executed code. Exploitation of this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the DatabaseSearch function in the XWiki platform, a tool for creating collaborative web applications. This vulnerability allows attackers to execute arbitrary code.

The vulnerability of the DatabaseSearch function in the XWiki platform for creating collaborative web applications stems from the lack of measures taken to neutralize instructions in dynamically executed code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remote...

PT-2024-28980 · Oracle · Java

Name of the Vulnerable Software and Affected Versions: Java affected versions not specified Description: The issue allows an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper input validation. This could lead to remote code execution with no additional...

ASB-A-309938635

In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...

PT-2024-8549

Name of the Vulnerable Software and Affected Versions Chamilo LMS affected versions not specified Description The issue is related to the lack of measures to neutralize instructions in dynamically executed code in the Chamilo LMS electronic learning and content management system. Exploitation of...

VulnCheck KEV: CVE-2023-50386

Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. In the affected...

The vulnerability of the XWiki platform, which is related to the failure to implement measures to neutralize instructions in dynamically executed code, allows a perpetrator to execute arbitrary code.

The vulnerability of the XWiki Platform lies in the lack of measures taken to neutralize instructions within the dynamically executed code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the Node.js software library OpenVPN Connect allows a hacker to execute arbitrary code.

The vulnerability of the Node.js software product OpenVPN Connect relates to the lack of measures to neutralize instructions in the dynamically executed code. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Arbitrary Code Execution

@thi.ng/paths is vulnerable to arbitrary code execution. The vulnerability is due to improper control of dynamically-managed code resources due to the handling of object properties in the mutIn and mutInManyUnsafe methods...

BIT-SOLR-2023-50386 Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets

Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. In the affected...

DEBIAN-CVE-2023-50292

Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...

Apache Solr Code Issue Vulnerability

Apache Solr is the United States Apache Apache Foundation of a search server based on Lucene a full-text search engine. The product supports level search , vertical search , highlighting search results and so on. A code issue vulnerability exists in Apache Solr versions 6.0.0 through 8.11.2 and...

The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of measures to neutralize instructions in dynamically executed code, allowing attackers to execute arbitrary commands within the system.

The vulnerability of Websoft HCM’s automation software for HR processes stems from the failure to implement measures to neutralize instructions within the dynamically executed code. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands within the system...

The vulnerability of the OpenVPN Connect software lies in its inability to properly execute instructions in the dynamically executed code, allowing a violator to execute arbitrary code.

The vulnerability of the OpenVPN Connect software is related to the failure to implement measures to neutralize the instructions in the dynamically executed code. Exploiting this vulnerability can allow an attacker to execute arbitrary code using the DYILDINSERTLIBRARIES environment variable...

PT-2024-1066 · Openvpn · Openvpn Connect

Name of the Vulnerable Software and Affected Versions: OpenVPN Connect versions 3.0 through 3.4.6 Description: The issue is related to the failure to neutralize instructions in dynamically executed code. Exploitation of this issue may allow an attacker to execute arbitrary code using the DYLD...

The vulnerability of the Read() function in the open-source cryptographic algorithm library Circl allows a perpetrator to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Read function in the open-source cryptographic algorithm library Circl is related to insufficient validation of input data and the failure to eliminate instructions in dynamically executed code. Exploiting this vulnerability can allow attackers to compromise the...