Register
Login
Toggle navigation
SaaS Solutions
Vulnerability Intelligence
Pricing
Vulnerabilities
Reports
Blog
Contact Us
Main
Vulnerability Database
CWE List
With exploit
With patch
CWE-506 - Embedded Malicious Code
Description
The application contains code that is malicious in nature and allows an attacker to gain unauthorized access to the application or its component.
Latest vulnerabilities for CWE-506
Embedded malicious code in XZ Utils
2024-04-01
Critical
No
Embedded malicious code in Ledger Connect Kit
2023-12-14
High
Yes
Backdoor in Gigabyte UEFI firmware
2023-06-01
Critical
Yes
Backdoor in 3CX Electron desktop app for Windows and Mac
2023-03-30
Critical
Yes
Hard-coded credentials in Questions For Confluence app for Confluence Server and Data Center
2022-07-25
Critical
Yes
Embedded malicious code (backdoor) in api-res-py package for PyPI
2022-06-13
High
No
Embedded malicious code (backdoor) in pyanxdns package for PyPI
2022-06-13
High
Yes
Embedded malicious code (backdoor) in keep package for PyPI
2022-06-13
High
Yes
Remote code execution in School Management Pro plugin for WordPress
2022-05-23
Critical
Yes
Compromised gateway (backdoor) in October CMS
2022-02-23
High
Yes
References
Description of CWE-506 on Mitre website