Weaknesses of type CWE-94
3,752 resultsCVE-2025-34433CRITICALAVideo < 20.1 Unauthenticated RCE via Predictable Installation SaltEPSS 1.5%CVE-2024-28386CRITICALAn issue in Home-Made.io fastmagsync v.1.7.51 and before allows a remote attacker to execute arbitrary code via the getPhpBin() component.EPSS 1.5%CVE-2026-41137CRITICALFlowise: Code Injection in CSVAgent leads to Authenticated RCEEPSS 1.5%CVE-2024-11635CRITICALWordPress File Upload <= 4.24.12 - Unuathenticated Remote Code ExecutionEPSS 1.4%CVE-2024-1015CRITICALRemote command execution vulnerability in SE-elektronic GmbH E-DDC3.3EPSS 1.4%CVE-2022-25812—Transposh WordPress Translation < 1.0.8 - Admin+ RCEEPSS 1.4%CVE-2023-26546HIGHEuropean Chemicals Agency IUCLID before 6.27.6 allows remote authenticated users to execute arbitrary code via Server Side Template InjectioEPSS 1.4%CVE-2025-11837HIGHMalware RemoverEPSS 1.4%CVE-2022-46166HIGHSpring Boot Admins integrated notifier support allows arbitrary code executionEPSS 1.4%CVE-2024-42599HIGHSeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_files.php imposes restrictioEPSS 1.4%CVE-2023-5201CRITICALOpenHook <= 4.3.0 - Authenticated (Subscriber+) Remote Code Execution via ShortcodeEPSS 1.4%CVE-2023-39059—An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables paramEPSS 1.4%CVE-2022-48093HIGHSeacms v12.7 was discovered to contain a remote code execution (RCE) vulnerability via the ip parameter at admin_ ip.php.EPSS 1.4%CVE-2026-33873CRITICALLangflow has Authenticated Code Execution in Agentic Assistant ValidationEPSS 1.4%CVE-2024-23208HIGHThe issue was addressed with improved memory handling. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOEPSS 1.4%CVE-2024-33871HIGHAn issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver lEPSS 1.4%CVE-2022-35766HIGHWindows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution VulnerabilityEPSS 1.4%CVE-2022-35767HIGHWindows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution VulnerabilityEPSS 1.4%CVE-2024-51941HIGHApache Ambari: Remote Code Injection in Ambari Metrics and AMS AlertsEPSS 1.4%CVE-2026-33309CRITICALLangflow has an Arbitrary File Write (RCE) via v2 APIEPSS 1.4%