Fallos del tipo CWE-94
3728 resultadosCVE-2020-29007CRITICALThe Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond exeEPSS 2.3%CVE-2022-23631CRITICALPrototype Pollution leading to Remote Code Execution in superjsonEPSS 2.3%CVE-2026-26833CRITICALthumbler through 1.1.2 allows OS command injection via the input, output, time, or size parameter in the thumbnail() function because user iEPSS 2.3%CVE-2021-26731CRITICALspx_restservice modifyUserb_func Command Injection and Multiple Stack-Based Buffer OverflowsEPSS 2.3%CVE-2023-49109CRITICALRemote Code Execution in Apache DolphinschedulerEPSS 2.3%CVE-2021-26728CRITICALspx_restservice KillDupUsr_func Command Injection and Stack-Based Buffer OverflowEPSS 2.3%CVE-2021-26727CRITICALspx_restservice SubNet_handler_func Multiple Command Injections and Stack-Based Buffer OverflowsEPSS 2.3%CVE-2021-26729CRITICALspx_restservice Login_handler_func Command Injection and Multiple Stack-Based Buffer OverflowsEPSS 2.3%CVE-2023-24538CRITICALBackticks not treated as string delimiters in html/templateEPSS 2.3%CVE-2024-54152CRITICALAngular Expressions - Remote Code Execution when using localsEPSS 2.3%CVE-2023-33733HIGHReportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file.EPSS 2.3%CVE-2024-50960HIGHA command injection vulnerability in the Nmap diagnostic tool in the admin web console of Extron SMP 111 <=3.01, SMP 351 <=2.16, SMP 352 <= EPSS 2.2%CVE-2024-10644CRITICALCode injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticatEPSS 2.2%CVE-2021-23281CRITICALRemote Code executionEPSS 2.2%CVE-2021-43944HIGHThis issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. AfEPSS 2.2%CVE-2022-1575CRITICALArbitrary Code Execution through Sanitizer Bypass in jgraph/drawioEPSS 2.2%CVE-2024-48359CRITICALQualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter.EPSS 2.2%CVE-2024-54805CRITICALNetgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updaEPSS 2.2%CVE-2024-54807CRITICALIn Netgear WNR854T 1.5.2 (North America), the UPNP service is vulnerable to command injection in the function addmap_exec which parses the NEPSS 2.2%CVE-2024-21643HIGHMicrosoft.IdentityModel.Protocols.SignedHttpRequest remote code execution vulnerabilityEPSS 2.2%