Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-913

CWE-913

Improper Control of Dynamically-Managed Code Resources

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly restrict reading from or writing to dynamically-managed code resources such as variables, objects, classes, attributes, functions, or executable instructions or statements.

90 vulnerabilities with CWE-913

CVE-2023-29199 CRITICAL

vm2 <3.9.15 - Remote Code Execution

CVE-2023-29017 CRITICAL

vm2 <3.9.15 - Remote Code Execution

CVE-2023-25560 HIGH

DataHub < 0.8.45 - Authentication Bypass and System Account Creation via JSON Format String Injection

CVE-2022-31764 HIGH

Apache ShardingSphere ElasticJob-UI <3.0.2 - RCE

CVE-2022-4318 HIGH

cri-o < 1.26.0 - Arbitrary File Write via Environment Variable

CVE-2022-43441 HIGH

Ghost sqlite3 5.0.0-5.1.1 - Remote Code Execution via Statement Bindings

CVE-2022-44000 CRITICAL

BACKCLICK Professional <5.9.63 - RCE

CVE-2022-3225 HIGH

GitHub budibase/budibase <1.3.20 - Info Disclosure

CVE-2022-40635 MEDIUM

Crafter CMS 3.1.0-3.1.22 - Authenticated Remote Code Execution via Groovy Sandbox Bypass

CVE-2022-40634 MEDIUM

Crafter CMS 3.1.0-3.1.22 - Authenticated Remote Code Execution via FreeMarker SSTI

CVE-2022-36067 CRITICAL

vm2 <3.9.11 - Remote Code Execution

CVE-2022-39051 MEDIUM

OTRS 6.0.0-6.0.31 and 7.0.0-7.0.36 - Remote Code Execution via Unverified Third-Party Package Installation

CVE-2022-27889 MEDIUM

Palantir Foundry Multipass < 3.647.0 - Denial of Service via Authentication/Authorization Operations

CVE-2022-25355 MEDIUM

EC-CUBE 3.0.0-3.0.18-p3 and 4.0.0-4.1.1 - Unauthenticated Email Spoofing via HTTP Host Header

CVE-2022-25265 HIGH

Linux kernel <5.16.10 - Memory Corruption

CVE-2021-23267 HIGH

Crafter CMS 3.1.0-3.1.17 - Authenticated Remote Code Execution via FreeMarker Static Methods

CVE-2021-42809 MEDIUM

Thales Sentinel Protection Installer - Code Injection

CVE-2021-23262 MEDIUM

CrafterCMS 3.1.0 through 3.1.13 - Remote Code Execution via YAML Configuration

CVE-2021-23259 MEDIUM

Crafter CMS 3.1.0-3.1.11 - Authenticated Remote Code Execution via Groovy Script Rendering

CVE-2021-23258 MEDIUM

Crafter CMS Spring SPEL - Authenticated OS Command Execution

CVE-2021-32813 MEDIUM

Traefik < 2.4.13 - Header Manipulation via Connection Header Handling

CVE-2021-22387 CRITICAL

Huawei EMUI and Magic UI - Remote Code Execution

CVE-2021-32563 CRITICAL

Thunar < 4.16.7 and 4.17.x < 4.17.2 - Remote Code Execution via File Delegation

CVE-2021-21413 HIGH

isolated-vm <4.0.0 - Info Disclosure

CVE-2021-26276 MEDIUM

GoDaddy node-config-shield <0.2.2 - Code Injection

Previous Page 3 of 4 Next

Details

Vulnerabilities 90

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy