Fallos del tipo CWE-94
3737 resultadosCVE-2020-7480—A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists in Andover Continuum (All versions), which could caEPSS 1.5%CVE-2024-38395CRITICALIn iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus remote code execution might occur but "is noEPSS 1.5%CVE-2024-31003HIGHBuffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4_MemoryByteStream::WEPSS 1.5%CVE-2022-40486HIGHTP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel. 57450(5553) was discovered to allow authenticated attackers to execute arbEPSS 1.5%CVE-2024-12471HIGHPost Saint: ChatGPT, GPT4, DALL-E, Stable Diffusion, Pexels, Dezgo AI Text & Image Generator <= 1.3.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File UploadEPSS 1.5%CVE-2011-10013CRITICALTraq 2.0–2.3 admincp/common.php RCEEPSS 1.5%CVE-2023-51066HIGHAn authenticated remote code execution vulnerability in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows attackers to arbiEPSS 1.5%CVE-2024-25249CRITICALAn issue in He3 App for macOS version 2.0.17, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArEPSS 1.5%CVE-2022-44262CRITICALff4j 1.8.1 is vulnerable to Remote Code Execution (RCE).EPSS 1.5%CVE-2024-25301HIGHRedaxo v5.15.1 was discovered to contain a remote code execution (RCE) vulnerability via the component /pages/templates.php.EPSS 1.5%CVE-2023-25539HIGH
Dell NetWorker 19.6.1.2, contains an OS command injection Vulnerability in the NetWorker client. A remote unauthenticated attacker could poEPSS 1.5%CVE-2022-36069HIGHPoetry Argument Injection vulnerability can lead to local Code ExecutionEPSS 1.5%CVE-2022-45550CRITICALAyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).EPSS 1.5%CVE-2022-46333HIGHProofpoint Enterprise Protection perl eval() arbitrary command executionEPSS 1.5%CVE-2021-32831HIGHCode injection in total.jsEPSS 1.5%CVE-2024-6825HIGHRemote Code Execution in BerriAI/litellmEPSS 1.5%CVE-2023-51387HIGHExpression Injection Vulnerability in HertzbeatEPSS 1.5%CVE-2020-36655HIGHYii Yii2 Gii before 2.2.2 allows remote attackers to execute arbitrary code via the Generator.php messageCategory field. The attacker can emEPSS 1.5%CVE-2025-25789CRITICALFoxCMS v1.2.5 was discovered to contain a remote code execution (RCE) vulnerability via the index() method at \controller\Sitemap.php.EPSS 1.5%CVE-2025-34433CRITICALAVideo < 20.1 Unauthenticated RCE via Predictable Installation SaltEPSS 1.5%