The vulnerability of the software for centralized backup and disaster recovery management in Dell PowerProtect Data Manager arises from improper code generation. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the software for centralized backup and disaster recovery management in Dell PowerProtect Data Manager is related to improper code generation. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the application interface for managing the lifecycle of mobile devices and Ivanti Endpoint Manager Mobile (EPMM) (formerly MobileIron Core) allows a perpetrator to execute arbitrary code.

The vulnerability of the application interface for managing the lifecycle of mobile devices and Ivanti Endpoint Manager Mobile EPMM formerly MobileIron Core is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

WordPress plugin MapSVG Lite 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

WordPress plugin Ultimate Member 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in...

The vulnerability of the WebKit component in the Safari browser, available on iOS operating systems, macOS Sonoma, iPadOS, and tvOS, allows a hacker to execute arbitrary code.

The vulnerability of the WebKit component in the Safari browser, as well as in the iOS and macOS Sonoma operating systems, iPadOS, and tvOS, is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of Dropbox’s repository in the virtual learning environment Moodle allows a perpetrator to execute arbitrary code.

The vulnerability of Dropbox’s virtual learning environment Moodle is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the eval() function in Cloud Deployment modules and the Query Tool, a database management tool for pgAdmin 4, allows a hacker to execute arbitrary code.

The vulnerability of the eval function in the Cloud Deployment and Query Tool modules of the pgAdmin 4 database management tool is related to improper code generation during processing of endpoints like /sqleditor/querytool/download and /cloud/deploy, when the querycommited and highavailability...

CVE-2025-23251

NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of generation of code by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering...

The vulnerability of the WPE WebKit and WebKitGTK web page rendering modules, related to improper code generation, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to improper code generation. Exploiting this vulnerability can allow attackers to access confidential data, compromise its integrity, and cause service failures...

The vulnerability of the JDBC driver configuration of the Kylin data processing platform allows a hacker to execute arbitrary code.

The vulnerability of the JDBC driver configuration of the Kylin data processing platform is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Fortinet FortiSOAR 代码注入漏洞

Fortinet FortiSOAR is a Security Orchestration, Automation and Response SOAR solution from Fortinet. A code injection vulnerability exists in Fortinet FortiSOAR that stems from improper code generation controls and can be exploited by an attacker to cause arbitrary code to be executed...

The vulnerability of the Windows operating system’s Search service allows a perpetrator to escalate their privileges.

The vulnerability of the Windows operating system’s Search service is related to improper code generation management. Exploiting this vulnerability can allow attackers to enhance their privileges...

IBM Security Verify Access 代码注入漏洞

IBM Security Verify Access ISAM is a service from International Business Machines IBM that improves user access security. A code injection vulnerability exists in IBM Security Verify Access versions 10.0.0.0 through 10.0.0.9 and 11.0.0.0, which stems from improper restrictions on code generation...

The vulnerability in the kernel of operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS allows attackers to escalate their privileges and execute arbitrary code.

The vulnerability of the kernel in operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS is related to improper code generation. Exploiting this vulnerability can allow attackers to increase their privileges and execute arbitrary code...

CVE-2024-31380

Improper Control of Generation of Code 'Code Injection' vulnerability in Soflyy Oxygen Builder allows Code Injection. Vendor is ignoring report, refuses to patch the issue.This issue affects Oxygen Builder: from n/a through 4.9...

CVE-2025-22204

Improper control of generation of code in the sourcerer extension for Joomla in versions before 11.0.0 lead to a remote code execution vulnerability...

The vulnerability of the TemplateHandler component in the \src\main\java\com\cms\controller\admin\TemplateController.java file of the Jfinal CMS content management system allows a hacker to execute arbitrary code.

The vulnerability of the TemplateHandler component in the \src\main\java\com\cms\controller\admin\TemplateController.java file of the Jfinal CMS content management system is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...

The vulnerability of the remember() function in the Laravel Pulse performance monitoring and application usage analysis tool allows a hacker to execute arbitrary code.

The vulnerability of the remember function in the Laravel Pulse performance monitoring and application usage analysis tool is related to improper code generation. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

The vulnerability of the setup.php file in the phpMyAdmin web application for database management systems allows a hacker to execute arbitrary PHP code.

The vulnerability of the setup.php file in the phpMyAdmin web application for database management systems is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary PHP code remotely...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to improper code generation management, allowing an attacker to execute arbitrary code.

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to improper code generation. Exploiting these vulnerabilities allows a remote attacker to execute arbitrary code...