CWE-94— Improper Control of Generation of Code (Code Injection)
6,206 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-94page 45 of 125
- CVE-2019-10666HIGHCVSS 8.1EG 8.12019-09-09
An issue was discovered in LibreNMS through 1.47. Several of the scripts perform dynamic script inclusion via the include() function on user supplied input without sanitizing the values by calling basename() or a similar function. An attac…
- CVE-2019-10684CRITICALCVSS 9.8EG 9.82019-04-01
Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers to execute arbitrary PHP code via the index.php?m=Admin&c=config&a=edit site_domain parameter.
- CVE-2019-10758CRITICALCVSS 9.9EG 9.9⚠ KEV2019-12-24
mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. A misuse of the `vm` dependency to perform `exec` commands in a non-safe environment.
- CVE-2019-10769CRITICALCVSS 9.8EG 9.82019-12-06
safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. Affected versions of this package are vulnerable to Arbitrary Code Execution via generating a RangeError.
- CVE-2019-10842CRITICALCVSS 9.8EG 9.82019-04-04
Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base64 arbitrary code to be executed via eval()…
- CVE-2019-10863HIGHCVSS 7.2EG 7.22019-04-04
A command injection vulnerability exists in TeemIp versions before 2.4.0. The new_config parameter of exec.php allows one to create a new PHP file with the exception of config information. The malicious PHP code sent is executed instantane…
- CVE-2019-10891CRITICALCVSS 9.8EG 9.82019-09-06
An issue was discovered in D-Link DIR-806 devices. There is a command injection in function hnap_main, which calls system() without checking the parameter that can be controlled by user, and finally allows remote attackers to execute arbit…
- CVE-2019-11201HIGHCVSS 8.0EG 8.02019-07-29
Dolibarr ERP/CRM 9.0.1 provides a module named website that provides for creation of public websites with a WYSIWYG editor. It was identified that the editor also allowed inclusion of dynamic code, which can lead to code execution on the h…
- CVE-2019-11354HIGHCVSS 7.8EG 7.82019-04-19
The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an …
- CVE-2019-11376HIGHCVSS 7.2EG 7.22019-04-20
SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own.
- CVE-2019-11495CRITICALCVSS 9.8EG 9.82019-09-10
In Couchbase Server 5.1.1, the cookie used for intra-node communication was not generated securely. Couchbase Server uses erlang:now() to seed the PRNG which results in a small search space for potential random seeds that could then be use…
- CVE-2019-1150HIGHCVSS 8.8EG 8.82019-08-14
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker…
- CVE-2019-11526CRITICALCVSS 9.8EG 9.82019-10-10
An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable via sudo, is vulnerable to file path injection. This enables the Attacker to write files with superuser privileges in specific locations.
- CVE-2019-11552HIGHCVSS 7.0EG 7.02019-07-19
Code42 Enterprise and Crashplan for Small Business Client version 6.7 before 6.7.5, 6.8 before 6.8.8, and 6.9 before 6.9.4 allows eval injection. A proxy auto-configuration file, crafted by a lesser privileged user, may be used to execute …
- CVE-2019-1157HIGHCVSS 7.8EG 7.82019-08-14
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker …
- CVE-2019-11581CRITICALCVSS 9.8EG 9.8⚠ KEV2019-08-09
There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Ji…
- CVE-2019-11593HIGHCVSS 8.1EG 8.12019-04-29
In Adblock Plus before 3.5.2, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has…
- CVE-2019-11594HIGHCVSS 8.1EG 8.12019-04-29
In AdBlock before 3.45.0, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an …
- CVE-2019-11642HIGHCVSS 8.8EG 8.82019-05-08
A log poisoning vulnerability has been discovered in the OneShield Policy (Dragon Core) framework before 5.1.10. Authenticated remote adversaries can poison log files by entering malicious payloads in either headers or form elements. These…
- CVE-2019-1194HIGHCVSS 7.5EG 7.52019-08-14
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the con…
- CVE-2019-12114CRITICALCVSS 9.8EG 9.82020-03-18
An issue was discovered in ONAP HOLMES before Dublin. By accessing port 9202 of dep-holmes-engine-mgmt pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ON…
- CVE-2019-12115CRITICALCVSS 9.8EG 9.82020-03-18
An issue was discovered in ONAP SDC through Dublin. By accessing port 4000 of demo-sdc-sdc-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operat…
- CVE-2019-12116CRITICALCVSS 9.8EG 9.82020-03-18
An issue was discovered in ONAP SDC through Dublin. By accessing port 6000 of demo-sdc-sdc-fe pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operat…
- CVE-2019-12117CRITICALCVSS 9.8EG 9.82020-03-18
An issue was discovered in ONAP SDC through Dublin. By accessing port 4001 of demo-sdc-sdc-onboarding-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All …
- CVE-2019-12118CRITICALCVSS 9.8EG 9.82020-03-18
An issue was discovered in ONAP SDC through Dublin. By accessing port 7001 of demo-sdc-sdc-wfd-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Op…
- CVE-2019-12119CRITICALCVSS 9.8EG 9.82020-03-18
An issue was discovered in ONAP SDC through Dublin. By accessing port 7000 of demo-sdc-sdc-wfd-fe pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Op…
- CVE-2019-12120CRITICALCVSS 9.8EG 9.82020-03-18
An issue was discovered in ONAP VNFSDK through Dublin. By accessing port 8000 of demo-vnfsdk-vnfsdk, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Oper…
- CVE-2019-12295HIGHCVSS 7.5EG 7.52019-05-23
In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion.
- CVE-2019-12548HIGHCVSS 8.8EG 8.82019-06-03
Bludit before 3.9.0 allows remote code execution for an authenticated user by uploading a php file while changing the logo through /admin/ajax/upload-logo.
- CVE-2019-12761HIGHCVSS 7.5EG 7.52019-06-06
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containi…
- CVE-2019-12843MEDIUMCVSS 6.1EG 6.12019-07-03
A possible stored JavaScript injection requiring a deliberate server administrator action was detected. The issue was fixed in JetBrains TeamCity 2018.2.3.
- CVE-2019-12844MEDIUMCVSS 6.1EG 6.12019-07-03
A possible stored JavaScript injection was detected on one of the JetBrains TeamCity pages. The issue was fixed in TeamCity 2018.2.3.
- CVE-2019-13354CRITICALCVSS 9.8EG 9.82019-07-08
The strong_password gem 0.0.7 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 0.0.6.
- CVE-2019-13372CRITICALCVSS 9.8EG 9.82019-07-06
/web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 allows remote attackers to execute arbitrary PHP code via a cookie because a cookie's username field allows eval injection, and an empty …
- CVE-2019-13558CRITICALCVSS 9.8EG 9.82019-09-18
In WebAccess versions 8.4.1 and prior, an exploit executed over the network may cause improper control of generation of code, which may allow remote code execution, data exfiltration, or cause a system crash.
- CVE-2019-13714MEDIUMCVSS 6.1EG 6.12019-11-25
Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to inject CSS into an HTML page via a crafted URL.
- CVE-2019-13956CRITICALCVSS 9.8EG 9.82019-07-18
Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH4_0df5_language=en to 4gH4_0df5_language=en'.phpinfo().'; (if the random prefix 4gH4_0df5_ were …
- CVE-2019-14242MEDIUMCVSS 6.7EG 6.72019-07-30
An issue was discovered in Bitdefender products for Windows (Bitdefender Endpoint Security Tool versions prior to 6.6.8.115; and Bitdefender Antivirus Plus, Bitdefender Internet Security, and Bitdefender Total Security versions prior to 23…
- CVE-2019-14281CRITICALCVSS 9.8EG 9.82019-07-26
The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.
- CVE-2019-14282CRITICALCVSS 9.8EG 9.82019-07-26
The simple_captcha2 gem 0.2.3 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.
- CVE-2019-14423HIGHCVSS 8.8EG 8.82019-10-17
A Remote Code Execution (RCE) issue in the addon CUx-Daemon 1.11a of the eQ-3 Homematic CCU-Firmware 2.35.16 until 2.45.6 allows remote authenticated attackers to execute system commands as root remotely via a simple HTTP request.
- CVE-2019-14746CRITICALCVSS 9.8EG 9.82019-08-07
A issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.
- CVE-2019-14786MEDIUMCVSS 6.5EG 6.52019-08-15
The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter.
- CVE-2019-14827MEDIUMCVSS 6.1EG 6.12021-05-17
A vulnerability was found in Moodle where javaScript injection was possible in some Mustache templates via recursive rendering from contexts. Mustache helper tags that were included in template contexts were not being escaped before that c…
- CVE-2019-14867HIGHCVSS 8.8EG 8.82019-11-27
A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerbero…
- CVE-2019-14965CRITICALCVSS 9.8EG 9.82019-08-12
An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. A server side template injection (SSTI) issue exists.
- CVE-2019-15001HIGHCVSS 7.2EG 7.22019-09-19
The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.0.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allow…
- CVE-2019-15087HIGHCVSS 7.2EG 7.22019-09-20
An issue was discovered in PRiSE adAS 1.7.0. An authenticated user can change the function used to hash passwords to any function, leading to remote code execution.
- CVE-2019-15224CRITICALCVSS 9.8EG 9.82019-08-19
The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected.
- CVE-2019-15318CRITICALCVSS 9.8EG 9.82019-08-22
The yikes-inc-easy-mailchimp-extender plugin before 6.5.3 for WordPress has code injection via the admin input field.
Map vulnerabilities like CWE-94 to your infrastructure
EchelonGraph correlates every CVE — across CWE-94 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →