CWE-913
Improper Control of Dynamically-Managed Code Resources
The product does not properly restrict reading from or writing to dynamically-managed code resources such as variables, objects, classes, attributes, functions, or executable instructions or statements.
84 vulnerabilities with CWE-913
CVE-2025-46675
LOW
NASA CryptoLib <1.3.2 - Memory Corruption
CVSS 3.5
CVE-2025-46673
MEDIUM
NASA CryptoLib <1.3.2 - Auth Bypass
CVSS 4.9
CVE-2025-31674
HIGH
Drupal Drupal core <10.3.13-11.1.3 - Object Injection
CVSS 7.5
CVE-2024-5401
MEDIUM
Synology DSM <7.1.1-42962-8, <7.2.1-69057-2, <7.2.2-72806 - Privile...
CVSS 4.3
CVE-2024-8953
CRITICAL
composiohq/composio <0.4.3 - RCE
CVSS 9.8
CVE-2024-7297
HIGH
Langflow < 1.0.13 - Privilege Escalation
CVSS 8.8
CVE-2024-5452
CRITICAL
Lightningai Pytorch Lightning < 2.3.3 - Remote Code Execution
CVSS 9.8
CVE-2024-2537
MEDIUM
Logitech Logi Tune - Local Code Inclusion
CVSS 4.4
CVE-2024-27135
HIGH
Apache Pulsar <3.2 - RCE
CVSS 8.5
CVE-2023-50386
HIGH
Apache Solr Backup/Restore APIs RCE
CVSS 8.8
CVE-2023-6184
MEDIUM
Citrix Session Recording - XSS
CVSS 5.0
CVE-2023-31032
HIGH
NVIDIA DGX A100 SBIOS - DoS
CVSS 7.5
CVE-2023-43177
CRITICAL
CrushFTP Unauthenticated RCE
CVSS 9.8
CVE-2023-5763
MEDIUM
Eclipse Glassfish 5-6 - RCE
CVSS 6.8
CVE-2023-39983
MEDIUM
MXsecurity <1.0.1 - Info Disclosure
CVSS 5.3
CVE-2023-4041
CRITICAL
Silicon Labs Gecko Bootloader - Classic Buffer Overflow
CVSS 9.8
CVE-2023-37271
HIGH
RestrictedPython <6.1, 5.3 - Code Injection
CVSS 8.4
CVE-2023-35930
LOW
SpiceDB 1.22.0 - Info Disclosure
CVSS 3.7
CVE-2023-33175
CRITICAL
ToUI <2.4.0 - Info Disclosure
CVSS 9.1
CVE-2023-29199
CRITICAL
vm2 <3.9.15 - RCE
CVSS 9.8
CVE-2023-29017
CRITICAL
vm2 <3.9.15 - RCE
CVSS 10.0
CVE-2023-25560
HIGH
Datahub < 0.8.45 - Authentication Bypass
CVSS 8.2
CVE-2022-31764
HIGH
Apache ShardingSphere ElasticJob-UI <3.0.2 - RCE
CVSS 8.5
CVE-2022-4318
HIGH
cri-o - Info Disclosure
CVSS 7.8
CVE-2022-43441
HIGH
node-sqlite3 <5.1.1 - RCE
CVSS 8.1
Details
Vulnerabilities
84