CWE-506 - Embedded Malicious Code

Description

The application contains code that is malicious in nature and allows an attacker to gain unauthorized access to the application or its component.

Latest vulnerabilities for CWE-506

Hard-coded credentials in Questions For Confluence app for Confluence Server and Data Center 2022-07-25
Critical Yes
Embedded malicious code (backdoor) in api-res-py package for PyPI 2022-06-13
High No
Embedded malicious code (backdoor) in pyanxdns package for PyPI 2022-06-13
High Yes
Embedded malicious code (backdoor) in keep package for PyPI 2022-06-13
High Yes
Remote code execution in School Management Pro plugin for WordPress 2022-05-23
Critical Yes
Compromised gateway (backdoor) in October CMS 2022-02-23
High Yes
Backdoor in veged/coa NPM repository 2021-11-04
Critical Yes
Backdoor in ua-parser-js NPM repository 2021-10-26
High Yes
Embedded malicious code (backdoor) in http-proxy-middelware package for NPM 2021-02-03
High No
Embedded malicious code (backdoor) in jquerry package for NPM 2021-02-03
High No

References

Description of CWE-506 on Mitre website