Improper Control of Dynamically-Managed Code Resources

Overview org.webjars.npm:vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources through the lib/bridge.js apply trap and thisEnsureThis proto-walk. An attacke...

n8n Improper Control of Dynamically-Managed Code Resources Vulnerability

n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution...

Improper Control of Dynamically-Managed Code Resources

Overview Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources via the Groovy Sandbox. An attacker can execute arbitrary operating system commands by injecting malicious Groovy elements to bypass sandbox restrictions. Remediation Upgrade...

GHSA-GJ28-GW7W-3PXC Crafter CMS has Improper Control of Dynamically-Managed Code Resources

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE Remote Code...

EUVD-2026-5112

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE Remote Code...

Synology DiskStation Manager Improper Control of Dynamically-Managed Code Resources (CVE-2024-5401)

Improper control of dynamically-managed code resources vulnerability in WebAPI component in Synology DiskStation Manager DSM before 7.1.1-42962-8 and 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote authenticated users to obtain privileges witho...

EUVD-2025-202287

Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attacker to write arbitrary files on the server, potentially leading to remote code execution. User interaction is required...

EUVD-2025-93506

Improper control of dynamically-managed code resources for some IntelR NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

EUVD-2025-18697

Malicious code in bioql PyPI...

EUVD-2022-0909

Malicious code in bioql PyPI...

EUVD-2022-6975

Malicious code in bioql PyPI...

CVE-2024-2537

Improper Control of Dynamically-Managed Code Resources vulnerability in Logitech Logi Tune on MacOS allows Local Code Inclusion...

CVE-2024-2537 Electron Code Injection in Logi Tune macOS Application

Improper Control of Dynamically-Managed Code Resources vulnerability in Logitech Logi Tune on MacOS allows Local Code Inclusion...

CVE-2024-2537 Electron Code Injection in Logi Tune macOS Application

Improper Control of Dynamically-Managed Code Resources vulnerability in Logitech Logi Tune on MacOS allows Local Code Inclusion...

PT-2024-20905 · Logitech · Logitech Logi Tune

Name of the Vulnerable Software and Affected Versions: Logitech Logi Tune affected versions not specified Description: The issue is related to an Improper Control of Dynamically-Managed Code Resources vulnerability, which allows Local Code Inclusion. This vulnerability affects Logitech Logi Tune ...

Logitech Logi Tune Security Vulnerability

Logitech Logi Tune is a free desktop application from Logitech Switzerland. It allows users to calibrate headphones or Logi Dock audio. A security vulnerability exists in Logitech Logi Tune that stems from improper control of dynamically managed code resources...

BIT-SOLR-2023-50292 Apache Solr: Solr Schema Designer blindly "trusts" all configsets, possibly leading to RCE by unauthenticated users

Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...

Design/Logic Flaw

Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...

CVE-2023-50292

Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...

CVE-2023-50292 Apache Solr: Solr Schema Designer blindly "trusts" all configsets, possibly leading to RCE by unauthenticated users

Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...