36173 matches found
CVE-2026-33862
A vulnerability has been identified in Teamcenter V2312 All versions V2312.0014, Teamcenter V2406 All versions V2406.0012, Teamcenter V2412 All versions V2412.0009, Teamcenter V2506 All versions V2506.0005, Teamcenter V2512 All versions. The affected application does not properly encode or filter...
CVE-2026-33862
A vulnerability has been identified in Teamcenter V2312 All versions V2312.0014, Teamcenter V2406 All versions V2406.0012, Teamcenter V2412 All versions V2412.0009, Teamcenter V2506 All versions V2506.0005, Teamcenter V2512 All versions. The affected application does not properly encode or filter...
CVE-2026-33862
The CVE-2026-33862 entry concerns Siemens Teamcenter versions 2312 (<2312.0014), 2406 (<2406.0012), 2412 (<2412.0009), 2506 (
CVE-2026-33862
A vulnerability has been identified in Teamcenter V2312 All versions V2312.0014, Teamcenter V2406 All versions V2406.0012, Teamcenter V2412 All versions V2412.0009, Teamcenter V2506 All versions V2506.0005, Teamcenter V2512 All versions. The affected application does not properly encode or filter...
EUVD-2026-29361
Due to a Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform, an authenticated attacker could send specially crafted inputs to the application. If processed by the application, this input could be delivered to users subscribed to the channel and result ...
CVE-2026-40129
Due to a Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform, an authenticated attacker could send specially crafted inputs to the application. If processed by the application, this input could be delivered to users subscribed to the channel and result ...
Exploit for Code Injection in Praison Praisonai
praison-exp...
CVE-2026-27760
OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer AJAX endpoint that allows unauthenticated attackers to execute arbitrary code by injecting PHP statements into the databaseConnectivity action parameter. Attackers can break out of the define string...
CVE-2026-40129
The vulnerability CVE-2026-40129 affects SAP Application Server ABAP for SAP NetWeaver and ABAP Platform. A code injection flaw allows an authenticated attacker to submit specially crafted inputs that, if processed, can be delivered to channel subscribers and execute code on behalf of other users...
CVE-2026-40129 Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform
Due to a Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform, an authenticated attacker could send specially crafted inputs to the application. If processed by the application, this input could be delivered to users subscribed to the channel and result ...
CVE-2026-40129 Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform
Due to a Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform, an authenticated attacker could send specially crafted inputs to the application. If processed by the application, this input could be delivered to users subscribed to the channel and result ...
CVE-2026-40129
Due to a Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform, an authenticated attacker could send specially crafted inputs to the application. If processed by the application, this input could be delivered to users subscribed to the channel and result ...
CVE-2026-34263
Due to improper Spring Security configuration, SAP Commerce Cloud allows an unauthenticated user to perform malicious input injection, resulting in arbitrary server-side code execution, leading to high impact on Confidentiality, Integrity, and Availability of the application...
CVE-2026-34263 Missing authentication check in SAP Commerce cloud configuration
Due to improper Spring Security configuration, SAP Commerce Cloud allows an unauthenticated user to perform malicious input injection, resulting in arbitrary server-side code execution, leading to high impact on Confidentiality, Integrity, and Availability of the application...
PT-2026-40120
Guardrails AI thru 0.6.7 contains a code injection vulnerability CWE-94 in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the post install...
Scramble 代码注入漏洞
Scramble is a tool developed by de:doc for automatically generating API documentation for Laravel projects. Versions of Scramble from 0.13.2 to 0.13.22 contained a code injection vulnerability. This vulnerability stemmed from the exposed documentation endpoints and the use of validation rules tha...
Microsoft Data Formulator 代码注入漏洞
Microsoft Data Formulator is an AI data visualization and analysis tool developed by Microsoft Corporation in the United States, powered by large language models. Microsoft Data Formulator has a code injection vulnerability. Attackers can exploit this vulnerability to execute code remotely...
SPIP 代码注入漏洞
SPIP is an open-source software developed by SPIP for creating Internet websites. Versions of SPIP prior to 4.4.14 had a code injection vulnerability, which was caused by remote code execution from private spaces, potentially allowing arbitrary code to be executed...
Google Chrome 代码注入漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a code injection vulnerability. This vulnerability stemmed from the SanitizerAPI component’s script injection mechanism, which could allow remote attackers to inject arbitrary scrip...
CVE-2026-31236
The CVE-2026-31236 issue affects the llm CLI tool up to version 0.27.1. The vulnerability arises from the --functions argument, which accepts user-provided Python definitions and is executed with unsafe exec() without sanitization or sandboxing, enabling arbitrary code execution on a victim’s sys...