Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

CVEs (6,456)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-3037 1Cisco 14Unified Videoconferencing System 3515 Multipoint Control Unit Unified Videoconferencing System 3515 Multipoint Control Unit FirmwareUnified Videoconferencing System 3522 Basic Rate Interface Gateway+11 more Apr 29, 2026 Nov 22, 2010 N/A· v4 N/A· v3 8.5 HIGH· v2 goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, and possibly Unified Videoconferencing System 3545 and 5230, Unified Videoconferencing 3527 Primary Rate Interface (PRI) Ga...Show more goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, and possibly Unified Videoconferencing System 3545 and 5230, Unified Videoconferencing 3527 Primary Rate Interface (PRI) Gateway, Unified Videoconferencing 3522 Basic Rate Interfaces (BRI) Gateway, and Unified Videoconferencing 3515 Multipoint Control Unit (MCU), allows remote authenticated administrators to execute arbitrary commands via the username field, related to a "shell command injection vulnerability," aka Bug ID CSCti54059.Show less
CVE-2010-3819 1Apple 2Safari Webkit Apr 29, 2026 Nov 22, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of Cascading Style Sheets (C...Show more WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of Cascading Style Sheets (CSS) boxes, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.Show less
CVE-2010-3809 1Apple 2Safari Webkit Apr 29, 2026 Nov 22, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of inline styling, which all...Show more WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of inline styling, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.Show less
CVE-2010-3808 1Apple 2Safari Webkit Apr 29, 2026 Nov 22, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of editing commands, which a...Show more WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of editing commands, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.Show less
CVE-2010-3635 1Adobe 1Flash Media Server Apr 29, 2026 Nov 10, 2010 N/A· v4 N/A· v3 10.0 HIGH· v2 Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, and 4.0.x before 4.0.1 allows attackers to execute arbitrary code via unspecified vectors, related to a "segmentation fault vulnerability."
CVE-2010-4005 1Gnome 1Tomboy Apr 29, 2026 Nov 6, 2010 N/A· v4 N/A· v3 6.9 MEDIUM· v2 The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in th...Show more The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: vector 1 exists because of an incorrect fix for CVE-2005-4790.2.Show less
CVE-2010-3913 1Transware 1Active Mail Apr 29, 2026 Nov 5, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 CRLF injection vulnerability in TransWARE Active! mail 6 build 6.40.010047750 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
CVE-2010-3172 1Mozilla 1Bugzilla Apr 29, 2026 Nov 5, 2010 N/A· v4 N/A· v3 2.6 LOW· v2 CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP heade...Show more CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP headers and content, and conduct HTTP response splitting attacks, via a crafted URL.Show less
CVE-2010-4096 1Monkeysphere Project 1Monkeysphere Apr 29, 2026 Oct 27, 2010 N/A· v4 N/A· v3 4.6 MEDIUM· v2 share/ma/keys_for_user in Monkeysphere 0.31 and 0.32 allows local users to execute arbitrary code via unknown manipulations related to the "monkeysphere-authentication keys-for-user" command.
CVE-2010-3749 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Oct 19, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1 allows remote attackers to arguments to the RecordClip method, which allows remote attackers to download an...Show more The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1 allows remote attackers to arguments to the RecordClip method, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a " (double quote) in an argument to the RecordClip method, aka "parameter injection."Show less
CVE-2010-3331 1Microsoft 1Internet Explorer Apr 29, 2026 Oct 13, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code...Show more Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."Show less
CVE-2010-3329 1Microsoft 1Internet Explorer Apr 29, 2026 Oct 13, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory,...Show more mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Corruption Vulnerability."Show less
CVE-2010-3326 1Microsoft 1Internet Explorer Apr 29, 2026 Oct 13, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to...Show more Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."Show less
CVE-2010-3228 1Microsoft 1.net Framework Apr 29, 2026 Oct 13, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms does not properly perform optimizations, which allows remote attackers to execute arbitrary code via a crafted .NET application that triggers memory co...Show more The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms does not properly perform optimizations, which allows remote attackers to execute arbitrary code via a crafted .NET application that triggers memory corruption, aka ".NET Framework x64 JIT Compiler Vulnerability."Show less
CVE-2010-3221 1Microsoft 3Office WordWord Viewer Apr 29, 2026 Oct 13, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word Viewer do not properly handle a malformed record during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafte...Show more Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word Viewer do not properly handle a malformed record during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Parsing Vulnerability."Show less
CVE-2010-3220 1Microsoft 2Office Word Apr 29, 2026 Oct 13, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Parsing Vulnerability....Show more Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Parsing Vulnerability."Show less
CVE-2010-3219 1Microsoft 1Word Apr 29, 2026 Oct 13, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Array index vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Parsing Vulnerability."
CVE-2010-3218 1Microsoft 1Word Apr 29, 2026 Oct 13, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via malformed records in a Word document, aka "Word Heap Overflow Vulnerability."
CVE-2010-3216 1Microsoft 2Office Word Apr 29, 2026 Oct 13, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted Word document containing bookmarks that trigger use of an invalid pointer and memory corruption, aka "Word Bo...Show more Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted Word document containing bookmarks that trigger use of an invalid pointer and memory corruption, aka "Word Bookmarks Vulnerability."Show less
CVE-2010-3215 1Microsoft 2Office Word Apr 29, 2026 Oct 13, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle unspecified return values during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that trig...Show more Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle unspecified return values during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Return Value Vulnerability."Show less

Previous 1...252253254...323 Next