CVE-2019-0091 (v3: 7.8) 17 May 2019
Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.


CVE-2018-3686 (v3: 6.7) 12 Sep 2018
Code injection vulnerability in INTEL-SA-00086 Detection Tool before version may allow a privileged user to potentially execute arbitrary code via local access.
CVE-2018-2427 (v3: 8.8) 10 Jul 2018
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.


CVE-2017-3907 (v3: 9.8) 13 Jun 2018
Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and earlier allows remote attackers to execute arbitrary HTML code to be reflected in the response web page via unspecified vector.
CVE-2017-5543 (v3: 9.8) 20 Jan 2017
includes/classes/ia.core.users.php in Subrion CMS 4.0.5 allows remote attackers to conduct PHP Object Injection attacks via crafted serialized data in a salt cookie in a login request.






CVE-2012-4840 (v2: 5) 5 Mar 2013
IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 allows remote attackers to conduct XPath injection attacks, and call XPath extension functions, via unspecified vectors.