Fallos del tipo CWE-94
3764 resultadosCVE-2024-0755HIGHMemory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruptionEPSS 0.7%CVE-2025-3776HIGHVerification SMS with TargetSMS <= 1.5 - Unauthenticated Limited Remote Code ExecutionEPSS 0.7%CVE-2024-1117HIGHopenBI Screen.php index code injectionEPSS 0.7%CVE-2024-21760HIGHAn improper control of generation of code ('Code Injection') vulnerability [CWE-94] in FortiSOAR Connector FortiSOAR 7.4 all versions, 7.3 aEPSS 0.7%CVE-2023-0022CRITICALCode Injection vulnerability in SAP BusinessObjects Business Intelligence platform (Analysis edition for OLAP)EPSS 0.7%CVE-2024-6807MEDIUMSourceCodester Student Study Center Desk Management System HTTP POST Request Users.php cross site scriptingEPSS 0.7%CVE-2026-8634CRITICALCrabbox < v0.12.0 Environment Variable Information DisclosureEPSS 0.7%CVE-2024-51757CRITICALFixes security vulnerability that allowed for server side code to be executed by a <script> tagEPSS 0.7%CVE-2025-27554CRITICALToDesktop before 2024-10-03, as used by Cursor before 2024-10-03 and other applications, allows remote attackers to execute arbitrary commanEPSS 0.7%CVE-2024-6726HIGHRemote Code Execution (RCE) in DelphixEPSS 0.7%CVE-2023-22677HIGHWordPress WP Booklet Plugin <= 2.1.8 is vulnerable to Remote Code Execution (RCE)EPSS 0.7%CVE-2023-0626HIGHDocker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route EPSS 0.7%CVE-2023-0625HIGHDocker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelogEPSS 0.7%CVE-2024-6923MEDIUMEmail header injection due to unquoted newlinesEPSS 0.7%CVE-2026-22807HIGHvLLM affected by RCE via auto_map dynamic module loading during model initializationEPSS 0.7%CVE-2024-8271HIGHFOX – Currency Switcher Professional for WooCommerce <= 1.4.2.1 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.7%CVE-2025-30057CRITICALAuthenticated RCE with uhcapache privileges in ConvertToPDFEPSS 0.7%CVE-2025-1976HIGHCode injection exposure in Fabric OS 9.1.0 through 9.1.1d6EPSS 0.7%KEVCVE-2026-23946MEDIUMTendenci has Authenticated Remote Code Execution via Pickle DeserializationEPSS 0.7%CVE-2026-30457CRITICALAn issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to execute arbitrary code via crafted PHP code.EPSS 0.7%