Fallos del tipo CWE-94
3754 resultadosCVE-2021-24721—Loco Translate < 2.5.4 - Authenticated PHP Code InjectionEPSS 0.9%CVE-2026-27744CRITICALSPIP tickets < 4.3.3 Unauthenticated RCEEPSS 0.9%CVE-2024-2497MEDIUMRaspAP raspap-webgui HTTP POST Request provider.php code injectionEPSS 0.9%CVE-2026-8467CRITICALUnauthenticated remote code execution via HEEx template injection in phoenix_storybook playgroundEPSS 0.9%CVE-2025-64676HIGHMicrosoft Purview eDiscovery Remote Code Execution VulnerabilityEPSS 0.9%CVE-2023-48978CRITICALAn issue in NCR ITM Web terminal v.4.4.0 and v.4.4.4 allows a remote attacker to execute arbitrary code via a crafted script to the IP camerEPSS 0.9%CVE-2024-4605HIGHBreakdance <= 1.7.1 - Authenticated (Contributor+) Remote Code ExecutionEPSS 0.9%CVE-2024-46489HIGHA remote command execution (RCE) vulnerability in promptr v6.0.7 allows attackers to execute arbitrary commands via a crafted URL.EPSS 0.9%CVE-2023-23551CRITICALX-600M Code InjectionEPSS 0.9%CVE-2023-32540HIGH
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwritEPSS 0.9%CVE-2025-65108CRITICALmd-to-pdf is vulnerable to arbitrary JavaScript code execution when parsing front matterEPSS 0.9%CVE-2026-24120CRITICALvm2: Sandbox Breakout Through Promise SpeciesEPSS 0.9%CVE-2025-57567CRITICALA remote code execution (RCE) vulnerability exists in the PluXml CMS theme editor, specifically in the minify.php file located under the defEPSS 0.9%CVE-2024-31390CRITICALWordPress Breakdance plugin <= 1.7.2 - Authenticated Remote Code Execution (RCE) vulnerabilityEPSS 0.9%CVE-2024-49375CRITICALRemote Code Execution via Remote Model Loading in RasaEPSS 0.9%CVE-2023-23496—The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, watchOS 9.3, iOS 15.7.2 and iPadOS 15.7.2, Safari 1EPSS 0.9%CVE-2023-23912HIGHA vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways (USG) Version 4.4.56 and earlier with tEPSS 0.9%CVE-2024-36694HIGHOpenCart 4.0.2.3 is vulnerable to Server-Side Template Injection (SSTI) via the Theme Editor Function.EPSS 0.9%CVE-2025-62369HIGHXibo CMS: Remote Code Execution through module templatesEPSS 0.9%CVE-2024-11587MEDIUMidcCMS classProvCity.php GetCityOptionJs cross site scriptingEPSS 0.9%