Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-913

CWE-913

Improper Control of Dynamically-Managed Code Resources

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly restrict reading from or writing to dynamically-managed code resources such as variables, objects, classes, attributes, functions, or executable instructions or statements.

90 vulnerabilities with CWE-913

CVE-2025-61780 MEDIUM

Rack < 2.2.20 - Proxy Request Redirection via Untrusted x-sendfile Headers

CVE-2025-9905 HIGH

Keras 3.0.0 to 3.11.3 HDF5 Model Load - Python Code Execution

CVE-2025-25270 CRITICAL

Phoenix Contact CHARX SEC-3000 Series - Configuration-Based Root Code Execution

CVE-2025-6705 MEDIUM

Eclipse Open VSX Registry - Privilege Escalation

CVE-2025-6384 CRITICAL

CrafterCMS 4.0.0-4.2.2 - Authenticated Remote Code Execution via Groovy Sandbox Bypass

CVE-2025-6107 LOW

comfyanonymous comfyui <0.3.40 - Code Injection

CVE-2025-46675 LOW

NASA CryptoLib <1.3.2 - Memory Corruption

CVE-2025-46673 MEDIUM

NASA CryptoLib <1.3.2 - Auth Bypass

CVE-2025-31674 HIGH

Drupal Drupal core <10.3.13-11.1.3 - Object Injection

CVE-2024-5401 MEDIUM

Synology DSM <7.1.1-42962-8, <7.2.1-69057-2, <7.2.2-72806 - Privile...

CVE-2024-8953 CRITICAL

composio < 0.5.43 - Remote Code Execution via Mathematical Calculator Endpoint

CVE-2024-7297 HIGH

Langflow < 1.0.13 - Privilege Escalation via Mass Assignment on Users Endpoint

CVE-2024-5452 CRITICAL

pytorch_lightning < 2.3.3 - Remote Code Execution via Deepdiff Delta Dunder Attribute Bypass

CVE-2024-2537 MEDIUM

Logitech Logi Tune - Local Code Inclusion

CVE-2024-27135 HIGH

Apache Pulsar 2.4.0-2.10.5, 2.11.0-2.11.3, 3.0.0-3.0.2, 3.1.0-3.1.2, 3.2.0 - Remote Code Execution

CVE-2023-50386 HIGH

Apache Solr Backup/Restore APIs RCE

CVE-2023-6184 MEDIUM

Citrix Virtual Apps and Desktops - Cross-Site Scripting

CVE-2023-31032 HIGH

NVIDIA DGX A100 SBIOS < 1.25 - Denial of Service via Dynamic Variable Evaluation

CVE-2023-43177 CRITICAL

CrushFTP Unauthenticated RCE

CVE-2023-5763 MEDIUM

Eclipse Glassfish 5.0.0-6.2.4 - Remote Code Execution via Insecure ORB Listeners

CVE-2023-39983 MEDIUM

MXsecurity <1.0.1 - Info Disclosure

CVE-2023-4041 CRITICAL

Silicon Labs Gecko Bootloader - Classic Buffer Overflow

CVE-2023-37271 HIGH

RestrictedPython <6.1, 5.3 - Code Injection

CVE-2023-35930 LOW

SpiceDB 1.22.0 - Incorrect Authorization Decision via LookupResources API

CVE-2023-33175 CRITICAL

toui 2.0.1-2.4.0 - Unauthenticated Remote Code Execution via Flask-Caching SimpleCache

Previous Page 2 of 4 Next

Details

Vulnerabilities 90

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy