Weaknesses of type CWE-74
4,127 resultsCVE-2023-29524CRITICALCode injection from account through XWiki.SchedulerJobSheet in xwiki-platformEPSS 76.3%CVE-2021-21242CRITICALPre-Auth Unsafe Deserialization on AttachmentUploadServetEPSS 74.2%CVE-2026-22200HIGHosTicket (1.18.x < 1.18.3, 1.17.x < 1.17.7) PDF Export Arbitrary File ReadEPSS 73.1%CVE-2023-30547CRITICALSandbox Escape in vm2EPSS 72.1%CVE-2023-29516CRITICALCode injection from view right on XWiki.AttachmentSelector in xwiki-platformEPSS 65.9%CVE-2025-20337CRITICALCisco ISE API Unauthenticated Remote Code Execution VulnerabilityEPSS 65.1%KEVCVE-2024-50340HIGHAbility to change environment from query in symfony/runtimeEPSS 63.4%CVE-2021-21243CRITICALPre-Auth Unsafe Deserialization on KubernetesResourceEPSS 54.5%CVE-2025-4443MEDIUMD-Link DIR-605L sub_454F2C command injectionEPSS 53.8%CVE-2025-1338MEDIUMNUUO Camera handle_config.php print_file command injectionEPSS 51.9%CVE-2022-24760CRITICALCommand Injection in Parse serverEPSS 49.1%CVE-2022-31126CRITICALUnauthenticated Remote Code Execution in Roxy-wiEPSS 41.0%CVE-2026-3943MEDIUMH3C ACG1000-AK230 aaa_portal_auth_local_submit command injectionEPSS 40.8%CVE-2023-29374CRITICALIn LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec metEPSS 39.7%CVE-2024-46986CRITICALArbitrary file write leading to RCE in Camaleon CMSEPSS 35.5%CVE-2020-15227HIGHRemote Code Execution vulnerabilityEPSS 35.2%CVE-2022-24838MEDIUMCommand Injection in Appointment Emails for Nextcloud CalendarEPSS 31.6%CVE-2025-5438MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 WPS command injectionEPSS 31.1%CVE-2024-11652MEDIUMEnGenius ENH1350EXT/ENS500-AC/ENS620EXT sn_https command injectionEPSS 28.9%CVE-2024-11659MEDIUMEnGenius ENH1350EXT/ENS500-AC/ENS620EXT diag_iperf command injectionEPSS 27.8%