Fallos del tipo CWE-94
3735 resultadosCVE-2022-34821HIGHA vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2), EPSS 1.7%CVE-2025-3472MEDIUMOcean Extra <= 2.4.6 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 1.7%CVE-2023-43651HIGHRemote code execution on the host system via MongoDB shell in jumpserverEPSS 1.7%CVE-2024-31666CRITICALAn issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the edit_addon_post.php component.EPSS 1.7%CVE-2021-24312—WP Super Cache < 1.7.3 - Authenticated Remote Code ExecutionEPSS 1.7%CVE-2026-24105CRITICALAn issue was discovered in goform/formsetUsbUnload in Tenda AC15V1.0 V15.03.05.18_multi. The value of `v1` was not checked, potentially leadEPSS 1.7%CVE-2018-25357CRITICALDolibarr ERP CRM 7.0.3 Remote Code Execution via install/step1.phpEPSS 1.7%CVE-2022-31860CRITICALAn issue was discovered in OpenRemote through 1.0.4 allows attackers to execute arbitrary code via a crafted Groovy rule.EPSS 1.7%CVE-2024-38396CRITICALAn issue was discovered in iTerm2 3.5.x before 3.5.2. Unfiltered use of an escape sequence to report a window title, in combination with theEPSS 1.7%CVE-2024-23742—An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilEPSS 1.7%CVE-2022-41138CRITICALIn Zutty before 0.13, DECRQSS in text written to the terminal can achieve arbitrary code execution.EPSS 1.7%CVE-2022-35777HIGHVisual Studio Remote Code Execution VulnerabilityEPSS 1.7%CVE-2021-22961—A code injection vulnerability exists within the firewall software of GlassWire v2.1.167 that could lead to arbitrary code execution from a EPSS 1.7%CVE-2020-8180—A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 allowed a code injection when a not correctly sanitized talk command was added by aEPSS 1.7%CVE-2024-42745CRITICALIn TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg. AuthEPSS 1.7%CVE-2024-42739HIGHIn TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCEPSS 1.7%CVE-2021-39114HIGHAffected versions of Atlassian Confluence Server and Data Center allow users with a valid account on a Confluence Data Center instance to exEPSS 1.7%CVE-2022-39365CRITICALRCE vulnerability in Pimcore/Mail & Dynamic Text LayoutEPSS 1.7%CVE-2024-47051CRITICALRemote Code Execution & File Deletion in Asset UploadsEPSS 1.7%CVE-2023-2859HIGH Code Injection in nilsteampassnet/teampassEPSS 1.6%