Fallos del tipo CWE-94

3767 resultados
CVE-2024-21576CRITICALComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems from a validation bypass in the BuildColorRangeHSVAdvanced, FilterContouEPSS 0.5%CVE-2024-13453HIGHContact Form & SMTP Plugin for WordPress by PirateForms <= 2.6.0 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.5%CVE-2022-45177HIGHAn issue was discovered in LIVEBOX Collaboration vDesk through v031. An Observable Response Discrepancy can occur under the /api/v1/vdeskintEPSS 0.5%CVE-2024-12790MEDIUMcode-projects Hostel Management Site room-details.php cross site scriptingEPSS 0.5%CVE-2026-39846CRITICALSiYuan affected by Remote Code Execution in the Electron desktop client via stored XSS in synced table captionsEPSS 0.5%CVE-2024-10073MEDIUMflairNLP flair Mode File Loader clustering.py ClusteringModel code injectionEPSS 0.5%CVE-2026-22708HIGHCursor has a Terminal Tool Allowlist Bypass via Environment VariablesEPSS 0.5%CVE-2024-49254CRITICALWordPress ajax-extend plugin <= 1.0 - Remote Code Execution (RCE) vulnerabilityEPSS 0.5%CVE-2025-25021HIGHIBM QRadar Suite Software and IBM Cloud Pak for Security code injectionEPSS 0.5%CVE-2022-27837MEDIUMA vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attEPSS 0.5%CVE-2022-29216HIGHCode injection in `saved_model_cli` in TensorFlowEPSS 0.5%CVE-2025-25680HIGHLSC Smart Connect LSC Indoor PTZ Camera 7.6.32 is contains a RCE vulnerability in the tuya_ipc_direct_connect function of the anyka_ipc procEPSS 0.5%CVE-2026-27830HIGHc3p0 vulnerable to Remote Code Execution via unsafe deserialization of userOverridesAsString propertyEPSS 0.5%CVE-2023-40221HIGHSocomec MOD3GP-SY-120K Code InjectionEPSS 0.5%CVE-2022-23474MEDIUMeditor.js contains Code InjectionEPSS 0.5%CVE-2025-6990HIGHKallyas <= 4.24.0 - Authenticated (Contributor+) Remote Code ExecutionEPSS 0.5%CVE-2024-37109CRITICALWordPress WishList Member X plugin < 3.26.7 - Authenticated Arbitrary PHP Code Execution vulnerabilityEPSS 0.5%CVE-2026-21537HIGHMicrosoft Defender for Endpoint Linux Extension Remote Code Execution VulnerabilityEPSS 0.5%CVE-2026-4998MEDIUMSinaptik AI PandasAI Chat Message code_executor.py CodeExecutor.execute code injectionEPSS 0.5%CVE-2024-32492HIGHAn issue was discovered in Znuny 7.0.1 through 7.0.16 where the ticket detail view in the customer front allows the execution of external JaEPSS 0.5%