Fallos del tipo CWE-913

68 resultados

CVE-2025-68613CRITICALn8n Vulnerable to Remote Code Execution via Expression InjectionEPSS 97.9%KEV CVE-2023-50386HIGHApache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSetsEPSS 83.8%CVE-2023-29017CRITICALvm2 Sandbox Escape vulnerabilityEPSS 63.2%CVE-2022-36067CRITICALvm2 vulnerable to Sandbox Escape before v3.9.11EPSS 47.9%CVE-2023-6184MEDIUMCross SiteScripting vulnerability in Citrix Session Recording allows attacker to perform Cross Site ScriptingEPSS 46.6%CVE-2026-34156CRITICALNocoBase Affected by Sandbox Escape to RCE via console._stdout Prototype Chain Traversal in Workflow Script NodeEPSS 36.5%CVE-2024-7297HIGHLangflow Privilege EscalationEPSS 21.3%CVE-2025-66398CRITICALSignal K Server has Unauthenticated State Pollution leading to Remote Code Execution (RCE)EPSS 17.9%CVE-2017-3202—The implementation of Action Message Format (AMF3) deserializers in Flamingo amf-serializer by Exadel, version 2.2.0, may allow instantiation of arbitrary classes due to improper code controlEPSS 8.2%CVE-2017-3200—The implementation of Action Message Format (AMF3) deserializers in GraniteDS, version 3.1.1.GA, may allow instantiation of arbitrary classes due to improper code controlEPSS 6.1%CVE-2024-27135HIGHApache Pulsar: Improper Input Validation in Pulsar Function Worker allows Remote Code ExecutionEPSS 6.0%CVE-2023-29199CRITICALvm2 Sandbox escape vulnerabilityEPSS 3.9%CVE-2020-3419MEDIUMCisco Webex Meetings and Cisco Webex Meetings Server Ghost Join VulnerabilityEPSS 1.7%CVE-2025-13659HIGHImproper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticEPSS 1.6%CVE-2019-1617HIGHCisco Nexus 9000 Series Switches Standalone NX-OS Mode Fibre Channel over Ethernet NPV Denial of Service VulnerabilityEPSS 1.5%CVE-2026-22709CRITICALvm2 has a Sandbox EscapeEPSS 1.2%CVE-2022-40635MEDIUMImproper Control of Dynamically-Managed Code Resources in Crafter StudioEPSS 1.2%CVE-2026-25049CRITICALn8n Has an Expression Escape Vulnerability Leading to RCEEPSS 1.2%CVE-2022-40634MEDIUMImproper Control of Dynamically-Managed Code Resources in Crafter StudioEPSS 1.2%CVE-2026-23830CRITICALSandboxJS has Sandbox Escape via Unprotected AsyncFunction ConstructorEPSS 1.1%

← anteriorpágina 1 / 4siguiente →