CVE-2024-10094

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...

CVE-2024-31380

Improper Control of Generation of Code 'Code Injection' vulnerability in Soflyy Oxygen Builder allows Code Injection. Vendor is ignoring report, refuses to patch the issue.This issue affects Oxygen Builder: from n/a through 4.9...

CVE-2025-22204

Improper control of generation of code in the sourcerer extension for Joomla in versions before 11.0.0 lead to a remote code execution vulnerability...

Joomla! 安全漏洞

Joomla! is a free, open source content management system from Joomla! open source. A security vulnerability exists in Joomla! prior to version 11.0.0, which stems from a remote code execution vulnerability due to improper code generation control...

PT-2025-4388 · Joomla · Sourcerer

Name of the Vulnerable Software and Affected Versions: Sourcerer extension for Joomla versions prior to 11.0.0 Description: The issue arises from improper control of code generation in the Sourcerer extension for Joomla, leading to a remote code execution vulnerability. Recommendations: For...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 135, which stems from an error in WebAssembly code generation that could cause a crash...

PT-2025-1218 · Microsoft · Power Automate

Name of the Vulnerable Software and Affected Versions: Microsoft Power Automate affected versions not specified Description: The issue is related to incorrect code generation management in the Power Automate platform. Exploitation of this issue may allow an attacker to execute arbitrary code...

WordPress plugin s2Member Pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-9204 · Abb · Abb Aspect +2

Name of the Vulnerable Software and Affected Versions: ABB ASPECT - Enterprise version 3.08.02 NEXUS Series version 3.08.02 MATRIX Series version 3.08.02 Description: The issue is related to incorrect code generation management in the firmware of embedded network controllers for building...

PT-2024-9294 · Qlik · Qlik Sense Enterprise For Windows

Name of the Vulnerable Software and Affected Versions: Qlik Sense Enterprise for Windows versions prior to November 2024 IR Description: The issue allows unprivileged users with network access to execute remote commands, potentially causing high availability damages, including high integrity and...

ROS-20241203-15

Go programming language vulnerability is related to errors in handling whitespace characters in context JavaScript. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of protected information. affect the confidentiality,...

Arbitrary Code Injection

Overview pycel is an A library for compiling excel spreadsheets to python code & visualizing them as a graph Affected versions of this package are vulnerable to Arbitrary Code Injection through the code generation from a crafted formula in an Excel spreadsheet cell. An attacker can execute...

CVE-2024-10094

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...

CVE-2024-10094

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...

CVE-2024-10094

CVE-2024-10094 affects Pega Platform versions 6.x through Infinity 24.1.1 due to an issue with Improper Control of Generation of Code. Connected sources consistently identify this as the affected product and root cause. Public details mention a large range of versions but do not provide a confirm...

CVE-2024-10094

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...

CVE-2024-10094

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...

Pegasystem PEGA Platform 安全漏洞

Pegasystem PEGA Platform is a suite of application development platforms from Pegasystem, USA. The platform is used to develop applications such as BPM Business Process Management, Case Management, Real-Time Decision Making and CRM Customer Relationship Management. A security vulnerability exists...

PT-2024-16022 · Pegasystems · Pega Platform

Name of the Vulnerable Software and Affected Versions: Pega Platform versions 6.x through Infinity 24.1.1 Description: The issue is related to Improper Control of Generation of Code. No information is provided about the estimated number of potentially affected devices worldwide or real-world...

PT-2024-8093

Name of the Vulnerable Software and Affected Versions: TorchGeo affected versions not specified Description: The issue is related to incorrect code generation management in the TorchGeo library, which handles geospatial data. This can allow a remote attacker to execute arbitrary code...