Fallos del tipo CWE-94

3766 resultados
CVE-2025-13658CRITICALIndustrial Video & Control Longwatch has a Code Injection vulnerabilityEPSS 0.6%CVE-2025-66916CRITICALThe snailjob component in RuoYi-Vue-Plus versions 5.5.1 and earlier, interface /snail-job/workflow/check-node-expression can execute QLExpreEPSS 0.6%CVE-2025-22152CRITICALImproper Path Validation Enables Path Traversal in Multiple Components in AtheosEPSS 0.6%CVE-2024-25350CRITICALSQL Injection vulnerability in /zms/admin/edit-ticket.php in PHPGurukul Zoo Management System 1.0 via tickettype and tprice parameters.EPSS 0.6%CVE-2024-0400HIGHSCM Software is a client and server application. An Authenticated System manager client can execute LINQ query in the SCM server, for customEPSS 0.6%CVE-2025-26970CRITICALWordPress Ark Theme Core plugin < 1.71.0 - Unauthenticated Remote Code Execution (RCE) vulnerabilityEPSS 0.6%CVE-2024-27856HIGHThe issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, maEPSS 0.6%CVE-2026-21658HIGHJohnson Controls -Frick Quantum HD- Unauthenticated Remote Code ExecutionEPSS 0.6%CVE-2025-23251HIGHNVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of generation of code by remote code execution. EPSS 0.6%CVE-2023-0792MEDIUM Code Injection in thorsten/phpmyfaqEPSS 0.6%CVE-2024-8481HIGHSpecial Text Boxes <= 6.2.4 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.6%CVE-2024-4039MEDIUMOrders Tracking for WooCommerce <= 1.2.10 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.6%CVE-2024-56333CRITICALRemote code execution in onyxia-apiEPSS 0.6%CVE-2024-36575CRITICALA Prototype Pollution issue in getsetprop 1.1.0 allows an attacker to execute arbitrary code via global.accessor.EPSS 0.6%CVE-2023-31315HIGHImproper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SEPSS 0.6%CVE-2024-13645CRITICALTagDiv Composer <= 5.3 - Unauthenticated Arbitrary PHP Object InstantiationEPSS 0.6%CVE-2024-13808HIGHXpro Elementor Addons - Pro <= 1.4.9 - Authenticated (Contributor+) Remote Code ExecutionEPSS 0.6%CVE-2026-39881MEDIUMVim Ex command injection in Vims NetBeans integrationEPSS 0.6%CVE-2026-5562MEDIUMprovectus kafka-ui Endpoint testexecutions validateAccess code injectionEPSS 0.6%CVE-2023-2943MEDIUMCode Injection in openemr/openemrEPSS 0.6%