Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

CVEs (6,471)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-44089 1Ecisp 1Espcms May 1, 2025 Nov 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component IS_GETCACHE.
CVE-2022-44088 1Ecisp 1Espcms May 1, 2025 Nov 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component INPUT_ISDESCRIPTION.
CVE-2022-44087 1Ecisp 1Espcms May 1, 2025 Nov 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component UPFILE_PIC_ZOOM_HIGHT.
CVE-2022-41061 1Microsoft 8365 Apps OfficeOffice Long Term Servicing Channel+5 more May 19, 2026 Nov 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Microsoft Word Remote Code Execution Vulnerability
CVE-2022-41205 1Sap 1Gui Nov 21, 2024 Nov 8, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful exploitation, the attacker can gain access to registries which can cause a limited impact on confidentiality and high impact...Show more SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful exploitation, the attacker can gain access to registries which can cause a limited impact on confidentiality and high impact on availability of the application. Show less
CVE-2022-3418 1Soflyy 1Wp All Import May 1, 2025 Nov 7, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 The Import any XML or CSV File to WordPress plugin before 3.6.9 is not properly filtering which file extensions are allowed to be imported on the server, which could allow administrators in multi-site WordPress installat...Show more The Import any XML or CSV File to WordPress plugin before 3.6.9 is not properly filtering which file extensions are allowed to be imported on the server, which could allow administrators in multi-site WordPress installations to upload arbitrary filesShow less
CVE-2022-44794 1Objectfirst 1Ootbi Jun 24, 2025 Nov 7, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue was discovered in Object First Ootbi BETA build 1.0.7.712. Management protocol has a flow which allows a remote attacker to execute arbitrary Bash code with root privileges. The command that sets the hostname do...Show more An issue was discovered in Object First Ootbi BETA build 1.0.7.712. Management protocol has a flow which allows a remote attacker to execute arbitrary Bash code with root privileges. The command that sets the hostname doesn't validate input parameters. As a result, arbitrary data goes directly to the Bash interpreter. An attacker would need credentials to exploit this vulnerability. This is fixed in Object First Ootbi BETA build 1.0.13.1611.Show less
CVE-2022-3869 1Froxlor 1Froxlor Nov 21, 2024 Nov 5, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Code Injection in GitHub repository froxlor/froxlor prior to 0.10.38.2.
CVE-2022-43572 1Splunk 2Splunk Splunk Cloud Platform Nov 21, 2024 Nov 4, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, sending a malformed file through the Splunk-to-Splunk (S2S) or HTTP Event Collector (HEC) protocols to an indexer results in a blockage or denial-of-service p...Show more In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, sending a malformed file through the Splunk-to-Splunk (S2S) or HTTP Event Collector (HEC) protocols to an indexer results in a blockage or denial-of-service preventing further indexing. Show less
CVE-2022-31691 1Vmware 5Bosh Editor Cloudfoundry Manifest Yml SupportConcourse Ci Pipeline Editor+2 more May 2, 2025 Nov 4, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Spring Tools 4 for Eclipse version 4.16.0 and below as well as VSCode extensions such as Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor and Cloudfoundry Manifest YML Support version 1.39.0 and below all use...Show more Spring Tools 4 for Eclipse version 4.16.0 and below as well as VSCode extensions such as Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor and Cloudfoundry Manifest YML Support version 1.39.0 and below all use Snakeyaml library for YAML editing support. This library allows for some special syntax in the YAML that under certain circumstances allows for potentially harmful remote code execution by the attacker.Show less
CVE-2022-3721 1Froxlor 1Froxlor May 2, 2025 Nov 4, 2022 N/A· v4 4.6 MEDIUM· v3 N/A· v2 Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39.
CVE-2022-43571 1Splunk 2Splunk Splunk Cloud Platform Nov 21, 2024 Nov 3, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can execute arbitrary code through the dashboard PDF generation component.
CVE-2022-32924 1Apple 5Ipados Iphone OsMacos+2 more May 6, 2025 Nov 1, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Big Sur 11.7, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6. An app may be able to execute arbit...Show more The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Big Sur 11.7, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6. An app may be able to execute arbitrary code with kernel privileges.Show less
CVE-2020-21016 1Dlink 1Dir 846 Firmware May 7, 2025 Oct 31, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php.
CVE-2022-39365 1Pimcore 1Pimcore Nov 21, 2024 Oct 27, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Pimcore is an open source data and experience management platform. Prior to version 10.5.9, the user controlled twig templates rendering in `Pimcore/Mail` & `ClassDefinition\Layout\Text` is vulnerable to server-side temp...Show more Pimcore is an open source data and experience management platform. Prior to version 10.5.9, the user controlled twig templates rendering in `Pimcore/Mail` & `ClassDefinition\Layout\Text` is vulnerable to server-side template injection, which could lead to remote code execution. Version 10.5.9 contains a patch for this issue. As a workaround, one may apply the patch manually.Show less
CVE-2022-3394 1Soflyy 1Wp All Export May 7, 2025 Oct 25, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 The WP All Export Pro WordPress plugin before 1.7.9 does not limit some functionality during exports only to users with the Administrator role, allowing any logged in user which has been given privileges to perform expor...Show more The WP All Export Pro WordPress plugin before 1.7.9 does not limit some functionality during exports only to users with the Administrator role, allowing any logged in user which has been given privileges to perform exports to execute arbitrary code on the site. By default only administrators can run exports, but the privilege can be delegated to lower privileged users.Show less
CVE-2022-39327 1Microsoft 1Azure Command Line Interface Nov 21, 2024 Oct 25, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection. Critical scenarios are where a hosting machine runs an Azure C...Show more Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection. Critical scenarios are where a hosting machine runs an Azure CLI command where parameter values have been provided by an external source. The vulnerability is only applicable when the Azure CLI command is run on a Windows machine and with any version of PowerShell and when the parameter value contains the `&` or `\|` symbols. If any of these prerequisites are not met, this vulnerability is not applicable. Users should upgrade to version 2.40.0 or greater to receive a a mitigation for the vulnerability.Show less
CVE-2022-39326 1Kartverket 1Github Workflows Nov 21, 2024 Oct 25, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 kartverket/github-workflows are shared reusable workflows for GitHub Actions. Prior to version 2.7.5, all users of the `run-terraform` reusable workflow from the kartverket/github-workflows repo are affected by a code in...Show more kartverket/github-workflows are shared reusable workflows for GitHub Actions. Prior to version 2.7.5, all users of the `run-terraform` reusable workflow from the kartverket/github-workflows repo are affected by a code injection vulnerability. A malicious actor could potentially send a PR with a malicious payload leading to execution of arbitrary JavaScript code in the context of the workflow. Users should upgrade to at least version 2.7.5 to resolve the issue. As a workaround, review any pull requests from external users for malicious payloads before allowing them to trigger a build.Show less
CVE-2021-26731 1Lannerinc 1Iac Ast2500a Firmware Nov 21, 2024 Oct 24, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserb_func function of spx_restservice allow an authenticated attacker to execute arbitrary code with the same privileges as the se...Show more Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserb_func function of spx_restservice allow an authenticated attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.Show less
CVE-2021-26729 1Lannerinc 1Iac Ast2500a Firmware Nov 21, 2024 Oct 24, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Command injection and multiple stack-based buffer overflows vulnerabilities in the Login_handler_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (r...Show more Command injection and multiple stack-based buffer overflows vulnerabilities in the Login_handler_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.Show less

Previous 1...177178179...324 Next