CWE-94
6,471 CVEs • Abstraction: Base • Likelihood of Exploit: Medium
Improper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
CVEs (6,471)
| Vendors | Products | Updated | Published | CVSS v4 | CVSS v3 | CVSS v2 | Description |
|---|---|---|---|---|---|---|---|
| Debian, Rubyonrails | Debian Linux, Rails | Nov 21, 2024 | Jul 2, 2020 | N/A | 8.8 HIGH | 6.5 MEDIUM | There is a code injection vulnerability in versions of Rails prior to 5.0.1 that would allow an attacker who controlled the `locals` argument of a `render` call to perform an RCE. |
| Zyxel | Cloud Cnm Secumanager | Nov 21, 2024 | Jun 26, 2020 | N/A | 9.8 CRITICAL | 10.0 HIGH | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManager/AXCampaignManager/delete_cpes_by_ids?cpe_ids= for eval injection of Python code. |
| Mattermost | Mattermost Desktop | Nov 21, 2024 | Jun 19, 2020 | N/A | 9.8 CRITICAL | 7.5 HIGH | An issue was discovered in Mattermost Desktop App before 3.4.0. Strings could be executed as code via injection. |
| | | | | | | | Zenphoto versions prior to 1.5.7 allow an attacker to conduct PHP code injection attacks by leading a user to upload a specially crafted .zip file. |
| Cd Messenger Project | Cd Messenger | Nov 21, 2024 | Jun 10, 2020 | N/A | 9.8 CRITICAL | 7.5 HIGH | cd-messenger through 2.7.26 is vulnerable to Arbitrary Code Execution. User input provided to the `color` argument is executed by the `eval` function, resulting in code execution. |
| Access Policy Project | Access Policy | Nov 21, 2024 | Jun 10, 2020 | N/A | 9.8 CRITICAL | 7.5 HIGH | access-policy through 3.1.0 is vulnerable to Arbitrary Code Execution. User input provided to the `template` function is executed by the `eval` function, resulting in code execution. |
| Node Extend Project | Node Extend | Nov 21, 2024 | Jun 10, 2020 | N/A | 9.8 CRITICAL | 7.5 HIGH | node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. User input provided to the argument `A` of the `extend` function `(A,B,as,isAargs)` located within `lib/extend.js` is executed by the `eval` function, resul… |
| | | | | | | | mosc through 1.0.0 is vulnerable to Arbitrary Code Execution. User input provided to the `properties` argument is executed by the `eval` function, resulting in code execution. |
| | | | | | | | A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 allowed a code injection when a not correctly sanitized talk command was added by an administrator. |
| Elastic, Redhat | Kibana, Openshift Container Platform | Nov 21, 2024 | Jun 3, 2020 | N/A | 7.2 HIGH | 6.5 MEDIUM | Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB. An authenticated attacker with privileges to create TSVB visualizations could insert data that would cause Kibana to execute arbitrary co… |
| | | | | | | | Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the Upgrade Assistant. An authenticated attacker with privileges to write to the Kibana index could insert data that would cause Kib… |
| | | | | | | | Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors() or getSelectorsBySpecificity() is called with input from an attacker. |
| Node Dns Sync Project | Node Dns Sync | Nov 21, 2024 | May 28, 2020 | N/A | 9.8 CRITICAL | 7.5 HIGH | node-dns-sync (npm module dns-sync) through 0.2.0 allows execution of arbitrary commands. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This ha… |
| Panasonic | Video Insight Vms | Feb 23, 2026 | May 20, 2020 | N/A | 9.8 CRITICAL | 7.5 HIGH | Video Insight VMS versions prior to 7.6.1 allow remote attackers to conduct code injection attacks via unspecified vectors. |
| | | | | | | | Studio in Open edX Ironwood 2.5, when CodeJail is not used, allows a user to go to the "Create New course>New section>New subsection>New unit>Add new component>Problem button>Advanced tab>Custom Python evaluated code" sc… |
| | | | | | | | Lack of output sanitization allowed an attacker to execute arbitrary shell commands via the logkitty npm package before version 0.7.1. |
| | | | | | | | In XWiki Platform 7.2 through 11.10.2, registered users without scripting/programming permissions are able to execute python/groovy scripts while editing personal dashboards. This has been fixed in 11.3.7, 11.10.3 and 12.0… |
| | | | | | | | Service Data Download in SAP Application Server ABAP (ST-PI, before versions 2008_1_46C, 2008_1_620, 2008_1_640, 2008_1_700, 2008_1_710, 740) allows an attacker to inject code that can be executed by the application. An… |
| Sap | Adaptive Server Enterprise Backup Server | Nov 21, 2024 | May 12, 2020 | N/A | 7.2 HIGH | 6.5 MEDIUM | SAP Adaptive Server Enterprise (Backup Server), version 16.0, does not perform the necessary validation checks for an authenticated user while executing DUMP or LOAD command allowing arbitrary code execution or Code Inje… |
| Sap | Adaptive Server Enterprise | Nov 21, 2024 | May 12, 2020 | N/A | 8.8 HIGH | 6.5 MEDIUM | Under certain conditions, SAP Adaptive Server Enterprise (XP Server on Windows Platform), versions 15.7, 16.0, does not perform the necessary checks for an authenticated user while executing the extended stored procedure… |
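Several of the npm entries above (cd-messenger, access-policy, node-extend, mosc) share one shape: a caller-supplied string is spliced into JavaScript source and handed to `eval` or an equivalent compiler, so the caller controls the program rather than its data. The block below is an added example, not code from any project listed on this page: a template helper written the vulnerable way beside a rewrite that treats the template purely as data. The function names, the placeholder regex and the probe templates are constructed for illustration.

```javascript
// Added example, not code from any project on this page: the eval-style CWE-94
// pattern (caller-controlled text compiled as JavaScript) beside a data-only
// rewrite. Names, regex and sample templates are constructed for illustration.

// VULNERABLE: the template text is spliced into program source and compiled.
// Whatever the caller writes inside ${...} executes with the process's
// privileges, and `with (ctx)` resolves bare names through ctx's whole
// prototype chain, not just its own properties.
function renderTemplateVulnerable(template, ctx) {
  const source = 'with (ctx) { return `' + template + '`; }';
  return new Function('ctx', source)(ctx);
}

// HARDENED: only ${identifier} placeholders are recognised, and each one is
// resolved by an own-property lookup on ctx. No source is generated, so
// expressions, calls and backtick break-outs remain inert text, and inherited
// names such as `constructor` are never reachable.
const PLACEHOLDER = /\$\{([A-Za-z_][A-Za-z0-9_]*)\}/g;

function renderTemplateSafe(template, ctx) {
  return template.replace(PLACEHOLDER, (_match, key) =>
    Object.prototype.hasOwnProperty.call(ctx, key) ? String(ctx[key]) : '');
}

// Constructed probes: one benign template and two that carry attacker code.
const SAMPLE_CTX = { name: 'alice' };
const BENIGN = 'Hello, ${name}';
const EXPRESSION = 'x=${[1, 2, 3].map(n => n * 2).join(",")}'; // arbitrary JS
const PROTO_WALK = '${constructor}';                            // Object, via the prototype chain

// Runs both renderers over the probes and returns what each produced, so the
// difference is visible side by side: the vulnerable renderer evaluates the
// expression and walks the prototype chain; the safe one substitutes only
// `name` and leaves everything else untouched or empty.
function compareRenderers() {
  return {
    vulnerable: {
      benign: renderTemplateVulnerable(BENIGN, SAMPLE_CTX),
      expression: renderTemplateVulnerable(EXPRESSION, SAMPLE_CTX),
      protoWalk: renderTemplateVulnerable(PROTO_WALK, SAMPLE_CTX),
    },
    safe: {
      benign: renderTemplateSafe(BENIGN, SAMPLE_CTX),
      expression: renderTemplateSafe(EXPRESSION, SAMPLE_CTX),
      protoWalk: renderTemplateSafe(PROTO_WALK, SAMPLE_CTX),
    },
  };
}

console.log(JSON.stringify(compareRenderers(), null, 2));
```

The safe renderer's contract is that the template grammar is a regex the application owns, so an "injection" can only ever produce a lookup it already permits; a stricter variant would reject any template that still contains `${` after substitution instead of emitting it. The same reasoning applies to the Python `eval` and PHP entries in the table: parse the input with the grammar you intend, never with the host language's.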