CWE-94
Improper Control of Generation of Code ('Code Injection')
Description
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-242 · CAPEC-35 · CAPEC-77
CVEs mapped to this weakness (4,559)
page 193 of 228| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-15599 | — | 0.00 | — | 0.04 | Dec 18, 2019 | A Code Injection exists in tree-kill on Windows which allows a remote code execution when an attacker is able to control the input into the command. | ||
| CVE-2019-16774 | 0.00 | — | 0.00 | Dec 12, 2019 | In phpfastcache before 5.1.3, there is a possible object injection vulnerability in cookie driver. | |||
| CVE-2019-10769 | 0.00 | — | 0.01 | Dec 6, 2019 | safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. Affected versions of this package are vulnerable to Arbitrary Code Execution via generating a RangeError. | |||
| CVE-2019-14867 | — | 0.00 | — | 0.03 | Nov 27, 2019 | A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerberos key data. An unauthenticated attacker… | ||
| CVE-2019-18889 | — | 0.00 | — | 0.05 | Nov 21, 2019 | An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache. | ||
| CVE-2019-19010 | — | 0.00 | — | 0.01 | Nov 16, 2019 | Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands. | ||
| CVE-2019-8230 | 0.00 | — | 0.00 | Nov 5, 2019 | In Magentoprior to 1.9.4.3, and Magento prior to 1.14.4.3, an authenticated user with administrative privileges to edit configuration settings can execute arbitrary code through a crafted support/output path. | |||
| CVE-2019-8231 | 0.00 | — | 0.00 | Nov 5, 2019 | In Magento to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with administrative privileges for editing attribute sets can execute arbitrary code through custom layout modification. | |||
| CVE-2019-10760 | — | 0.00 | — | 0.11 | Oct 15, 2019 | safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code. | ||
| CVE-2019-10759 | — | 0.00 | — | 0.01 | Oct 15, 2019 | safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code. | ||
| CVE-2019-10431 | 0.00 | — | 0.00 | Oct 1, 2019 | A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and earlier related to the handling of default parameter expressions in constructors allowed attackers to execute arbitrary code in sandboxed scripts. | |||
| CVE-2019-15224 | — | 0.00 | — | 0.02 | Aug 19, 2019 | The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected. | ||
| CVE-2019-7942 | 0.00 | — | 0.01 | Aug 2, 2019 | A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create or edit a product can execute arbitrary code via malicious XML layout updates. | |||
| CVE-2019-7932 | 0.00 | — | 0.01 | Aug 2, 2019 | A remote code execution vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create sitemaps can… | |||
| CVE-2019-7903 | 0.00 | — | 0.01 | Aug 2, 2019 | A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to email templates can execute arbitrary code by previewing a malicious template. | |||
| CVE-2019-7871 | 0.00 | — | 0.00 | Aug 2, 2019 | A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 that could be abused to execute arbitrary PHP code. An authenticated user can bypass security protections that prevent arbitrary PHP script upload via form data… | |||
| CVE-2019-14271 | — | 0.00 | — | 0.72 | Jul 29, 2019 | In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container. | ||
| CVE-2019-11201 | — | 0.00 | — | 0.01 | Jul 29, 2019 | Dolibarr ERP/CRM 9.0.1 provides a module named website that provides for creation of public websites with a WYSIWYG editor. It was identified that the editor also allowed inclusion of dynamic code, which can lead to code execution on the host machine. An attacker has to check a… | ||
| CVE-2019-14282 | — | 0.00 | — | 0.01 | Jul 26, 2019 | The simple_captcha2 gem 0.2.3 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. | ||
| CVE-2019-14281 | — | 0.00 | — | 0.01 | Jul 26, 2019 | The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. |
- CVE-2019-15599Dec 18, 2019risk 0.00cvss —epss 0.04
A Code Injection exists in tree-kill on Windows which allows a remote code execution when an attacker is able to control the input into the command.
- CVE-2019-16774Dec 12, 2019risk 0.00cvss —epss 0.00
In phpfastcache before 5.1.3, there is a possible object injection vulnerability in cookie driver.
- CVE-2019-10769Dec 6, 2019risk 0.00cvss —epss 0.01
safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. Affected versions of this package are vulnerable to Arbitrary Code Execution via generating a RangeError.
- CVE-2019-14867Nov 27, 2019risk 0.00cvss —epss 0.03
A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerberos key data. An unauthenticated attacker…
- CVE-2019-18889Nov 21, 2019risk 0.00cvss —epss 0.05
An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache.
- CVE-2019-19010Nov 16, 2019risk 0.00cvss —epss 0.01
Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands.
- CVE-2019-8230Nov 5, 2019risk 0.00cvss —epss 0.00
In Magentoprior to 1.9.4.3, and Magento prior to 1.14.4.3, an authenticated user with administrative privileges to edit configuration settings can execute arbitrary code through a crafted support/output path.
- CVE-2019-8231Nov 5, 2019risk 0.00cvss —epss 0.00
In Magento to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with administrative privileges for editing attribute sets can execute arbitrary code through custom layout modification.
- CVE-2019-10760Oct 15, 2019risk 0.00cvss —epss 0.11
safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.
- CVE-2019-10759Oct 15, 2019risk 0.00cvss —epss 0.01
safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.
- CVE-2019-10431Oct 1, 2019risk 0.00cvss —epss 0.00
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and earlier related to the handling of default parameter expressions in constructors allowed attackers to execute arbitrary code in sandboxed scripts.
- CVE-2019-15224Aug 19, 2019risk 0.00cvss —epss 0.02
The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected.
- CVE-2019-7942Aug 2, 2019risk 0.00cvss —epss 0.01
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create or edit a product can execute arbitrary code via malicious XML layout updates.
- CVE-2019-7932Aug 2, 2019risk 0.00cvss —epss 0.01
A remote code execution vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create sitemaps can…
- CVE-2019-7903Aug 2, 2019risk 0.00cvss —epss 0.01
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to email templates can execute arbitrary code by previewing a malicious template.
- CVE-2019-7871Aug 2, 2019risk 0.00cvss —epss 0.00
A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 that could be abused to execute arbitrary PHP code. An authenticated user can bypass security protections that prevent arbitrary PHP script upload via form data…
- CVE-2019-14271Jul 29, 2019risk 0.00cvss —epss 0.72
In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.
- CVE-2019-11201Jul 29, 2019risk 0.00cvss —epss 0.01
Dolibarr ERP/CRM 9.0.1 provides a module named website that provides for creation of public websites with a WYSIWYG editor. It was identified that the editor also allowed inclusion of dynamic code, which can lead to code execution on the host machine. An attacker has to check a…
- CVE-2019-14282Jul 26, 2019risk 0.00cvss —epss 0.01
The simple_captcha2 gem 0.2.3 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.
- CVE-2019-14281Jul 26, 2019risk 0.00cvss —epss 0.01
The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.