Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-2964

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-29 Jul, 2011 | 20:00
Updated At-06 Aug, 2024 | 23:15
Rejected At-
Credits

foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file, a different vulnerability than CVE-2011-2697.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:29 Jul, 2011 | 20:00
Updated At:06 Aug, 2024 | 23:15
Rejected At:
▼CVE Numbering Authority (CNA)

foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file, a different vulnerability than CVE-2011-2697.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.mandriva.com/security/advisories?name=MDVSA-2011:125
vendor-advisory
x_refsource_MANDRIVA
http://www.openwall.com/lists/oss-security/2011/07/18/3
mailing-list
x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2011/07/13/3
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=721001
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2011/07/28/1
mailing-list
x_refsource_MLIST
http://www.ubuntu.com/usn/USN-1194-1
vendor-advisory
x_refsource_UBUNTU
http://www.redhat.com/support/errata/RHSA-2011-1110.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/45477
third-party-advisory
x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/68994
vdb-entry
x_refsource_XF
https://bugzilla.novell.com/show_bug.cgi?id=698451
x_refsource_CONFIRM
http://security.gentoo.org/glsa/glsa-201203-07.xml
vendor-advisory
x_refsource_GENTOO
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
x_refsource_CONFIRM
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:125
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.openwall.com/lists/oss-security/2011/07/18/3
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://www.openwall.com/lists/oss-security/2011/07/13/3
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=721001
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.openwall.com/lists/oss-security/2011/07/28/1
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://www.ubuntu.com/usn/USN-1194-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1110.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/45477
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/68994
Resource:
vdb-entry
x_refsource_XF
Hyperlink: https://bugzilla.novell.com/show_bug.cgi?id=698451
Resource:
x_refsource_CONFIRM
Hyperlink: http://security.gentoo.org/glsa/glsa-201203-07.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.mandriva.com/security/advisories?name=MDVSA-2011:125
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.openwall.com/lists/oss-security/2011/07/18/3
mailing-list
x_refsource_MLIST
x_transferred
http://www.openwall.com/lists/oss-security/2011/07/13/3
mailing-list
x_refsource_MLIST
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=721001
x_refsource_CONFIRM
x_transferred
http://www.openwall.com/lists/oss-security/2011/07/28/1
mailing-list
x_refsource_MLIST
x_transferred
http://www.ubuntu.com/usn/USN-1194-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-1110.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/45477
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/68994
vdb-entry
x_refsource_XF
x_transferred
https://bugzilla.novell.com/show_bug.cgi?id=698451
x_refsource_CONFIRM
x_transferred
http://security.gentoo.org/glsa/glsa-201203-07.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:125
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2011/07/18/3
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2011/07/13/3
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=721001
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2011/07/28/1
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-1194-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1110.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/45477
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/68994
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: https://bugzilla.novell.com/show_bug.cgi?id=698451
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-201203-07.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:29 Jul, 2011 | 20:55
Updated At:29 Apr, 2026 | 01:13

foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file, a different vulnerability than CVE-2011-2697.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches

The Linux Foundation
linuxfoundation
>>foomatic>>4.0.6
cpe:2.3:a:linuxfoundation:foomatic:4.0.6:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-94Primarynvd@nist.gov
CWE ID: CWE-94
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://secunia.com/advisories/45477cve@mitre.org
N/A
http://security.gentoo.org/glsa/glsa-201203-07.xmlcve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2011:125cve@mitre.org
N/A
http://www.openwall.com/lists/oss-security/2011/07/13/3cve@mitre.org
Exploit
Patch
http://www.openwall.com/lists/oss-security/2011/07/18/3cve@mitre.org
Exploit
Patch
http://www.openwall.com/lists/oss-security/2011/07/28/1cve@mitre.org
Exploit
Patch
http://www.redhat.com/support/errata/RHSA-2011-1110.htmlcve@mitre.org
N/A
http://www.ubuntu.com/usn/USN-1194-1cve@mitre.org
N/A
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdfcve@mitre.org
N/A
https://bugzilla.novell.com/show_bug.cgi?id=698451cve@mitre.org
Exploit
Patch
https://bugzilla.redhat.com/show_bug.cgi?id=721001cve@mitre.org
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/68994cve@mitre.org
N/A
http://secunia.com/advisories/45477af854a3a-2127-422b-91ae-364da2661108
N/A
http://security.gentoo.org/glsa/glsa-201203-07.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2011:125af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openwall.com/lists/oss-security/2011/07/13/3af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
http://www.openwall.com/lists/oss-security/2011/07/18/3af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
http://www.openwall.com/lists/oss-security/2011/07/28/1af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
http://www.redhat.com/support/errata/RHSA-2011-1110.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-1194-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdfaf854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.novell.com/show_bug.cgi?id=698451af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
https://bugzilla.redhat.com/show_bug.cgi?id=721001af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/68994af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://secunia.com/advisories/45477
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-201203-07.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:125
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2011/07/13/3
Source: cve@mitre.org
Resource:
Exploit
Patch
Hyperlink: http://www.openwall.com/lists/oss-security/2011/07/18/3
Source: cve@mitre.org
Resource:
Exploit
Patch
Hyperlink: http://www.openwall.com/lists/oss-security/2011/07/28/1
Source: cve@mitre.org
Resource:
Exploit
Patch
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1110.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-1194-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://bugzilla.novell.com/show_bug.cgi?id=698451
Source: cve@mitre.org
Resource:
Exploit
Patch
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=721001
Source: cve@mitre.org
Resource:
Exploit
Patch
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/68994
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/45477
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-201203-07.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:125
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2011/07/13/3
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Hyperlink: http://www.openwall.com/lists/oss-security/2011/07/18/3
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Hyperlink: http://www.openwall.com/lists/oss-security/2011/07/28/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1110.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-1194-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.novell.com/show_bug.cgi?id=698451
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=721001
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/68994
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

501Records found

CVE-2013-6474
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-3.07% / 86.05%
||
7 Day CHG~0.00%
Published-14 Mar, 2014 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file.

Action-Not Available
Vendor-n/aCanonical Ltd.The Linux FoundationDebian GNU/LinuxFedora Project
Product-debian_linuxcups-filtersubuntu_linuxfedoran/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-6473
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-3.43% / 87.49%
||
7 Day CHG~0.00%
Published-14 Mar, 2014 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 before 1.0.47 allow remote attackers to execute arbitrary code via a large (1) page or (2) line in a URF file.

Action-Not Available
Vendor-n/aCanonical Ltd.The Linux Foundation
Product-cups-filtersubuntu_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-6336
Matching Score-8
Assigner-Meta Platforms, Inc.
ShareView Details
Matching Score-8
Assigner-Meta Platforms, Inc.
CVSS Score-7.8||HIGH
EPSS-0.49% / 38.31%
||
7 Day CHG~0.00%
Published-31 Dec, 2018 | 20:00
Updated-06 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute. This issue affects osquery prior to v3.2.7

Action-Not Available
Vendor-FacebookThe Linux Foundation
Product-osqueryosquery
CWE ID-CWE-354
Improper Validation of Integrity Check Value
CVE-2021-32760
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5||MEDIUM
EPSS-1.61% / 72.96%
||
7 Day CHG~0.00%
Published-19 Jul, 2021 | 00:00
Updated-19 Nov, 2024 | 14:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Archive package allows chmod of file outside of unpack target directory

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in containerd 1.5.4 and 1.4.8. As a workaround, ensure that users only pull images from trusted sources. Linux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with specific files.

Action-Not Available
Vendor-containerdFedora ProjectThe Linux Foundation
Product-containerdfedoracontainerd
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2013-6475
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-3.22% / 86.68%
||
7 Day CHG~0.00%
Published-14 Mar, 2014 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.

Action-Not Available
Vendor-n/aCanonical Ltd.The Linux FoundationDebian GNU/LinuxFedora Project
Product-debian_linuxcups-filtersubuntu_linuxfedoran/a
CVE-2020-26290
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.98% / 57.83%
||
7 Day CHG~0.00%
Published-28 Dec, 2020 | 19:15
Updated-04 Aug, 2024 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Critical security issues in XML encoding in Dex

Dex is a federated OpenID Connect provider written in Go. In Dex before version 2.27.0 there is a critical set of vulnerabilities which impacts users leveraging the SAML connector. The vulnerabilities enables potential signature bypass due to issues with XML encoding in the underlying Go library. The vulnerabilities have been addressed in version 2.27.0 by using the xml-roundtrip-validator from Mattermost (see related references).

Action-Not Available
Vendor-dexidpThe Linux Foundation
Product-dexdex
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2019-19025
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.02% / 59.28%
||
7 Day CHG~0.00%
Published-20 Mar, 2020 | 02:01
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows CSRF in the VMware Harbor Container Registry for the Pivotal Platform.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)The Linux Foundation
Product-vmware_harbor_registryharborn/a
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2024-24421
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 56.19%
||
7 Day CHG~0.00%
Published-21 Jan, 2025 | 00:00
Updated-03 Jul, 2025 | 00:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A type confusion in the nas_message_decode function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted NAS packet.

Action-Not Available
Vendor-n/aThe Linux Foundation
Product-magman/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-35926
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-8.1||HIGH
EPSS-1.89% / 77.01%
||
7 Day CHG~0.00%
Published-22 Jun, 2023 | 13:29
Updated-05 Dec, 2024 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insecure sandbox in Backstage Scaffolder plugin

Backstage is an open platform for building developer portals. The Backstage scaffolder-backend plugin uses a templating library that requires sandbox, as it by design allows for code injection. The library used for this sandbox so far has been `vm2`, but in light of several past vulnerabilities and existing vulnerabilities that may not have a fix, the plugin has switched to using a different sandbox library. A malicious actor with write access to a registered scaffolder template could manipulate the template in a way that allows for remote code execution on the scaffolder-backend instance. This was only exploitable in the template YAML definition itself and not by user input data. This is vulnerability is fixed in version 1.15.0 of `@backstage/plugin-scaffolder-backend`.

Action-Not Available
Vendor-backstageThe Linux Foundation
Product-backstagebackstage
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2026-35171
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.71% / 49.17%
||
7 Day CHG~0.00%
Published-06 Apr, 2026 | 17:45
Updated-14 Apr, 2026 | 15:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary Code Execution via Malicious Logging Configuration in Kedro

Kedro is a toolbox for production-ready data science. Prior to 1.3.0, Kedro allows the logging configuration file path to be set via the KEDRO_LOGGING_CONFIG environment variable and loads it without validation. The logging configuration schema supports the special () key, which enables arbitrary callable instantiation. An attacker can exploit this to execute arbitrary system commands during application startup. This is a critical remote code execution (RCE) vulnerability caused by unsafe use of logging.config.dictConfig() with user-controlled input. This vulnerability is fixed in 1.3.0.

Action-Not Available
Vendor-kedro-orgThe Linux Foundation
Product-kedrokedro
CWE ID-CWE-502
Deserialization of Untrusted Data
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2026-32613
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-0.55% / 42.12%
||
7 Day CHG~0.00%
Published-20 Apr, 2026 | 20:07
Updated-23 Apr, 2026 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Spinnaker vulnerable to RCE via expression parsing due to unrestricted context handling

Spinnaker is an open source, multi-cloud continuous delivery platform. Echo like some other services, uses SPeL (Spring Expression Language) to process information - specifically around expected artifacts. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, unlike orca, it was NOT restricting that context to a set of trusted classes, but allowing FULL JVM access. This enabled a user to use arbitrary java classes which allow deep access to the system. This enabled the ability to invoke commands, access files, etc. Versions 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2 contain a patch. As a workaround, disable echo entirely.

Action-Not Available
Vendor-spinnakerThe Linux Foundation
Product-spinnakerspinnaker
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2026-25153
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-7.7||HIGH
EPSS-0.54% / 41.51%
||
7 Day CHG+0.18%
Published-30 Jan, 2026 | 21:31
Updated-30 Jun, 2026 | 12:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
@backstage/plugin-techdocs-node vulnerable to arbitrary code execution via MkDocs hooks

Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, when TechDocs is configured with `runIn: local`, a malicious actor who can submit or modify a repository's `mkdocs.yml` file can execute arbitrary Python code on the TechDocs build server via MkDocs hooks configuration. @backstage/plugin-techdocs-node versions 1.13.11 and 1.14.1 contain a fix. The fix introduces an allowlist of supported MkDocs configuration keys. Unsupported configuration keys (including `hooks`) are now removed from `mkdocs.yml` before running the generator, with a warning logged to indicate which keys were removed. Users of `@techdocs/cli` should also upgrade to the latest version, which includes the fixed `@backstage/plugin-techdocs-node` dependency. Some workarounds are available. Configure TechDocs with `runIn: docker` instead of `runIn: local` to provide container isolation, though it does not fully mitigate the risk. Limit who can modify `mkdocs.yml` files in repositories that TechDocs processes; only allow trusted contributors. Implement PR review requirements for changes to `mkdocs.yml` files to detect malicious `hooks` configurations before they are merged. Use MkDocs < 1.4.0 (e.g., 1.3.1) which does not support hooks. Note: This may limit access to newer MkDocs features. Building documentation in CI/CD pipelines using `@techdocs/cli` does not mitigate this vulnerability, as the CLI uses the same vulnerable `@backstage/plugin-techdocs-node` package.

Action-Not Available
Vendor-backstageThe Linux FoundationRed Hat, Inc.
Product-backstagebackstageSelf-service automation portal 2Red Hat Developer Hub 1.9Red Hat Developer Hub 1.8
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2026-24747
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.69% / 48.45%
||
7 Day CHG+0.07%
Published-27 Jan, 2026 | 21:13
Updated-30 Jun, 2026 | 12:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`.pth`) that, when loaded with `torch.load(..., weights_only=True)`, can corrupt memory and potentially lead to arbitrary code execution. Version 2.10.0 fixes the issue.

Action-Not Available
Vendor-pytorchThe Linux FoundationRed Hat, Inc.
Product-pytorchpytorchRed Hat OpenShift AI 2.25Red Hat OpenShift AI (RHOAI)
CWE ID-CWE-502
Deserialization of Untrusted Data
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-5259
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-7.7||HIGH
EPSS-1.98% / 78.07%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 17:50
Updated-04 Aug, 2024 | 08:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Prototype Pollution in Dojox

In affected versions of dojox (NPM package), the jqMix method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. This has been patched in versions 1.11.10, 1.12.8, 1.13.7, 1.14.6, 1.15.3 and 1.16.2

Action-Not Available
Vendor-Dojo (OpenJS Foundation)The Linux Foundation
Product-dojoxdojox
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2025-5150
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.56% / 42.69%
||
7 Day CHG~0.00%
Published-25 May, 2025 | 15:00
Updated-03 Jun, 2025 | 12:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
docarray Web API torch_dataset.py __getitem__ prototype pollution

A vulnerability was found in docarray up to 0.40.1. It has been rated as critical. Affected by this issue is the function __getitem__ of the file /docarray/data/torch_dataset.py of the component Web API. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-n/aThe Linux Foundation
Product-docarraydocarray
CWE ID-CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2022-45907
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.19% / 64.23%
||
7 Day CHG~0.00%
Published-26 Nov, 2022 | 00:00
Updated-25 Apr, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely.

Action-Not Available
Vendor-n/aThe Linux Foundation
Product-pytorchn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-5258
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-7.7||HIGH
EPSS-4.02% / 89.33%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 17:50
Updated-04 Aug, 2024 | 08:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Prototype pollution in dojo

In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. This has been patched in versions 1.12.8, 1.13.7, 1.14.6, 1.15.3 and 1.16.2

Action-Not Available
Vendor-Dojo (OpenJS Foundation)Debian GNU/LinuxThe Linux FoundationOracle Corporation
Product-communications_application_session_controllerdebian_linuxprimavera_unifiercommunications_pricing_design_centerweblogic_serverdocumakerwebcenter_sitescommunications_policy_managementmysqldojodojo
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVE-2014-1979
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-6.8||MEDIUM
EPSS-1.70% / 74.35%
||
7 Day CHG~0.00%
Published-19 Mar, 2014 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The NTT DOCOMO sp mode mail application 5900 through 6300 for Android 4.0.x and 6000 through 6620 for Android 4.1 through 4.4 allows remote attackers to execute arbitrary Java methods via Deco-mail emoticon POP data in an e-mail message.

Action-Not Available
Vendor-nttdocomon/aGoogle LLC
Product-androidspmode_mail_androidn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2014-1670
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-13.71% / 96.04%
||
7 Day CHG~0.00%
Published-25 Jan, 2014 | 16:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Microsoft Bing application before 4.2.1 for Android allows remote attackers to install arbitrary APK files via vectors involving a crafted DNS response.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-bingn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2014-2089
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.63% / 83.63%
||
7 Day CHG~0.00%
Published-02 Mar, 2014 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ILIAS 4.4.1 allows remote attackers to execute arbitrary PHP code via an e-mail attachment that leads to creation of a .php file with a certain client_id pathname.

Action-Not Available
Vendor-iliasn/a
Product-iliasn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2007-2319
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.30% / 81.20%
||
7 Day CHG~0.00%
Published-26 Apr, 2007 | 21:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHP remote file inclusion vulnerability in the AutoStand 1.1 and earlier module for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to mod_as_category.php in (1) modules/mod_as_category/ or (2) modules/.

Action-Not Available
Vendor-autostand_categoryn/a
Product-autostand_categoryn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2014-0248
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-3.51% / 87.79%
||
7 Day CHG~0.00%
Published-07 Jul, 2014 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework Kit 2.5.0, JBoss Enterprise Application Platform (JBEAP) 5.2.0, and JBoss Enterprise Web Platform (JBEWP) 5.2.0 allows remote attackers to execute arbitrary code via a crafted authentication header, related to Seam logging.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-jboss_enterprise_application_platformjboss_enterprise_web_platformjboss_web_framework_kitn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2014-0479
Matching Score-4
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-4
Assigner-Debian GNU/Linux
CVSS Score-6.8||MEDIUM
EPSS-2.73% / 84.32%
||
7 Day CHG~0.00%
Published-06 Aug, 2014 | 19:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remote attackers to execute arbitrary commands via vectors related to compare_versions and reportbug/checkversions.py.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/Linux
Product-reportbugn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-7069
Matching Score-4
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-4
Assigner-Debian GNU/Linux
CVSS Score-6.8||MEDIUM
EPSS-3.10% / 86.16%
||
7 Day CHG~0.00%
Published-14 Dec, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ack 2.00 through 2.11_02 allows remote attackers to execute arbitrary code via a (1) --pager, (2) --regex, or (3) --output option in a .ackrc file in a directory to be searched.

Action-Not Available
Vendor-beyondgrepn/a
Product-ackn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-7050
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.90% / 77.19%
||
7 Day CHG~0.00%
Published-13 Dec, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The get_main_source_dir function in scripts/uscan.pl in devscripts before 2.13.8, when using USCAN_EXCLUSION, allows remote attackers to execute arbitrary commands via shell metacharacters in a directory name.

Action-Not Available
Vendor-devscripts_devel_teamn/a
Product-devscriptsn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-7284
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.82% / 84.82%
||
7 Day CHG~0.00%
Published-29 Apr, 2014 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The PlRPC module, possibly 0.2020 and earlier, for Perl uses the Storable module, which allows remote attackers to execute arbitrary code via a crafted request, which is not properly handled when it is deserialized.

Action-Not Available
Vendor-malcolm_nooningn/a
Product-pirpcn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-4957
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.12% / 62.26%
||
7 Day CHG~0.00%
Published-25 Oct, 2013 | 23:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dashboard report in Puppet Enterprise before 3.0.1 allows attackers to execute arbitrary YAML code via a crafted report-specific type.

Action-Not Available
Vendor-n/aPerforce Software, Inc. ("Puppet")
Product-puppet_enterprisen/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-4581
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.06% / 79.04%
||
7 Day CHG~0.00%
Published-12 May, 2014 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH.

Action-Not Available
Vendor-n/aGitLab Inc.
Product-gitlabgitlab-shelln/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-4444
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-13.99% / 96.10%
||
7 Day CHG~0.00%
Published-12 Sep, 2014 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-tomcatn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-4478
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.14% / 79.79%
||
7 Day CHG~0.00%
Published-07 Dec, 2013 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.

Action-Not Available
Vendor-supmuan/a
Product-supn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-4225
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-2.05% / 78.95%
||
7 Day CHG+0.05%
Published-11 Feb, 2020 | 20:19
Updated-06 Aug, 2024 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RESTful Web Services (restws) module 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.1 for Drupal does not properly restrict access to entity write operations, which makes it easier for remote authenticated users with the "access resource node" and "create page content" permissions (or equivalents) to conduct cross-site scripting (XSS) or execute arbitrary PHP code via a crafted text field.

Action-Not Available
Vendor-restful_web_services_projectRESTful Web Services
Product-restful_web_servicesRESTful Web Services
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-4212
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-81.07% / 99.59%
||
7 Day CHG~0.00%
Published-07 Dec, 2013 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain getText methods in the ActionSupport controller in Apache Roller before 5.0.2 allow remote attackers to execute arbitrary OGNL expressions via the first or second parameter, as demonstrated by the pageTitle parameter in the !getPageTitle sub-URL to roller-ui/login.rol, which uses a subclass of UIAction, aka "OGNL Injection."

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-rollern/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2019-16255
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-4.22% / 89.78%
||
7 Day CHG~0.00%
Published-26 Nov, 2019 | 00:00
Updated-05 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.

Action-Not Available
Vendor-n/aOracle CorporationDebian GNU/LinuxRubyopenSUSE
Product-leapdebian_linuxrubygraalvmn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-2208
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.60% / 83.47%
||
7 Day CHG~0.00%
Published-28 Oct, 2013 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

tpp 1.3.1 allows remote attackers to execute arbitrary commands via a --exec command in a TPP template file.

Action-Not Available
Vendor-andreas_krennmairn/a
Product-tppn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2012-5837
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.26% / 80.85%
||
7 Day CHG~0.00%
Published-21 Nov, 2012 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Web Developer Toolbar in Mozilla Firefox before 17.0 executes script with chrome privileges, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string.

Action-Not Available
Vendor-n/aMozilla Corporation
Product-firefoxn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-0132
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-6.8||MEDIUM
EPSS-1.26% / 66.02%
||
7 Day CHG~0.00%
Published-18 Apr, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remote attackers to execute arbitrary PHP code via a request containing crafted environment variables.

Action-Not Available
Vendor-n/aParallels International Gmbh
Product-parallels_plesk_paneln/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2012-5649
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-6.56% / 92.99%
||
7 Day CHG~0.00%
Published-23 May, 2014 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to execute arbitrary code via a JSONP callback, related to Adobe Flash.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-couchdbn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2012-4427
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.29% / 66.67%
||
7 Day CHG~0.00%
Published-01 Oct, 2012 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and installation of arbitrary extensions from extensions.gnome.org via a crafted web page.

Action-Not Available
Vendor-n/aThe GNOME Project
Product-gnome-shelln/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2006-5634
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-6.07% / 92.52%
||
7 Day CHG~0.00%
Published-01 Nov, 2006 | 00:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple PHP remote file inclusion vulnerabilities in phpProfiles 2.1 Beta allow remote attackers to execute arbitrary PHP code via a URL in the (1) reqpath parameter to (a) body.inc.php and (b) body_blog.inc.php in users/include/; or the (2) usrinc parameter in users/include/upload_ht.inc.php.

Action-Not Available
Vendor-phpprofilesn/a
Product-phpprofilesn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2012-4009
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-6.8||MEDIUM
EPSS-2.00% / 78.33%
||
7 Day CHG~0.00%
Published-31 Aug, 2012 | 14:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The WebView class in the Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.

Action-Not Available
Vendor-n/aCybozu, Inc.
Product-cybozu_liven/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2012-4143
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.31% / 67.14%
||
7 Day CHG~0.00%
Published-06 Aug, 2012 | 16:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, allows user-assisted remote attackers to trick users into downloading and executing arbitrary files via a small window for the download dialog, a different vulnerability than CVE-2012-1924.

Action-Not Available
Vendor-n/aApple Inc.Linux Kernel Organization, IncOperaMicrosoft Corporation
Product-windowslinux_kernelmac_os_xopera_browsern/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2012-2649
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-6.8||MEDIUM
EPSS-2.03% / 78.69%
||
7 Day CHG~0.00%
Published-08 Aug, 2012 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile Black Edition application 2.2.0 and earlier for Android allow remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site.

Action-Not Available
Vendor-fenrir-incn/a
Product-sleipnir_mobilen/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2012-1933
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-5.63% / 92.00%
||
7 Day CHG~0.00%
Published-27 Aug, 2012 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4 before RC4, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[g_campsiteDir] parameter to (1) include/phorum_load.php, (2) conf/install_conf.php, or (3) conf/liveuser_configuration.php.

Action-Not Available
Vendor-sourcefabricn/a
Product-newscoopn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2012-0993
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.55% / 83.15%
||
7 Day CHG~0.00%
Published-21 Feb, 2012 | 00:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Eval injection vulnerability in zp-core/zp-extensions/viewer_size_image.php in ZENphoto 1.4.2, when the viewer_size_image plugin is enabled, allows remote attackers to execute arbitrary PHP code via the viewer_size_image_saved cookie.

Action-Not Available
Vendor-zenphoton/a
Product-zenphoton/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2019-17132
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-11.78% / 95.57%
||
7 Day CHG~0.00%
Published-04 Oct, 2019 | 11:36
Updated-05 Aug, 2024 | 01:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

vBulletin through 5.5.4 mishandles custom avatars.

Action-Not Available
Vendor-vbulletinn/a
Product-vbulletinn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2012-0394
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-74.41% / 99.43%
||
7 Day CHG~0.00%
Published-08 Jan, 2012 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-strutsn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2011-5130
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-36.55% / 98.30%
||
7 Day CHG~0.00%
Published-30 Aug, 2012 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the argv[1] parameter.

Action-Not Available
Vendor-haudenschiltn/a
Product-family_connections_cmsn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2011-4458
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-3.10% / 86.16%
||
7 Day CHG~0.00%
Published-04 Jun, 2012 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Best Practical Solutions RT 3.6.x, 3.7.x, and 3.8.x before 3.8.12 and 4.x before 4.0.6, when the VERPPrefix and VERPDomain options are enabled, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-5092 and CVE-2011-5093.

Action-Not Available
Vendor-n/aBest Practical Solutions, LLC
Product-rtn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2011-3260
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-3.35% / 87.22%
||
7 Day CHG~0.00%
Published-14 Oct, 2011 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in OfficeImport in Apple iOS before 5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word document.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_osn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2011-3228
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-3.16% / 86.40%
||
7 Day CHG~0.00%
Published-14 Oct, 2011 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xmac_os_x_servern/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 10
  • 11
  • Next
Details not found