Fallos del tipo CWE-94
3764 resultadosCVE-2024-0325LOWCommand Injection in Helix SyncEPSS 0.8%CVE-2023-37198MEDIUM
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that
could cause remote code execution when anEPSS 0.8%CVE-2023-37199MEDIUM
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that
could cause remote code execution when an admEPSS 0.8%CVE-2022-31491CRITICALVoltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote atEPSS 0.8%CVE-2023-29453CRITICALAgent 2 package are built with Go version affected by CVE-2023-24538EPSS 0.8%CVE-2024-37845HIGHMangoOS before 5.2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Process Command feaEPSS 0.7%CVE-2024-10252HIGHCode Injection in langgenius/difyEPSS 0.7%CVE-2024-12652CRITICALIntumit SmartRobot′s Conversational AI Platform - Improper Control of Generation of Code ('Code Injection')EPSS 0.7%CVE-2024-53268HIGHLack of validation on openExternal allows 1 click remote code execution in joplinEPSS 0.7%CVE-2025-11905MEDIUMyanyutao0402 ChanCMS gather.js getArticle code injectionEPSS 0.7%CVE-2024-27756HIGHGLPI through 10.0.12 allows CSV injection by an attacker who is able to create an asset with a crafted title.EPSS 0.7%CVE-2023-4994CRITICALAllow PHP in Posts and Pages <= 3.0.4 - Authenticated (Subscriber+) Remote Code Execution via ShortcodeEPSS 0.7%CVE-2025-46724CRITICALLangroid has a Code Injection vulnerability in TableChatAgentEPSS 0.7%CVE-2024-24707CRITICALWordPress Cwicly plugin <= 1.4.0.2 - Auth. Remote Code Execution (RCE) vulnerabilityEPSS 0.7%CVE-2025-54593HIGHFreshRSS is vulnerable to RCE attacks by authenticated adminEPSS 0.7%CVE-2025-27429CRITICALCode Injection Vulnerability in SAP S/4HANA (Private Cloud or On-Premise)EPSS 0.7%CVE-2023-31037HIGH
NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network caEPSS 0.7%CVE-2024-33294CRITICALAn issue in Library System using PHP/MySQli with Source Code V1.0 allows a remote attacker to execute arbitrary code via the _FAILE variableEPSS 0.7%CVE-2020-36875CRITICALAccessAlly < 3.3.2 Unauthenticated Arbitrary PHP Code ExecutionEPSS 0.7%CVE-2024-0755HIGHMemory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruptionEPSS 0.7%