Fallos del tipo CWE-94
3773 resultadosCVE-2025-11548CRITICALibi WebFOCUS - Unauthenticated RCE VulnerabilityEPSS 0.5%CVE-2026-28505HIGHTautulli: RCE via eval() sandbox bypass using lambda nested scope to escape co_names whitelist checkEPSS 0.5%CVE-2026-50880CRITICALAn issue in the sendmail transport integration component of YouTransfer v1.0.6 allows attackers to execute arbitrary code via supplying a crEPSS 0.5%CVE-2024-46639HIGHA cross-site scripting (XSS) vulnerability in HelpDeskZ v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payloEPSS 0.5%CVE-2026-45697CRITICALFormie: Pre-authenticated server-side template injection in Hidden fieldsEPSS 0.5%CVE-2019-3695HIGHpcp: Local privilege escalation from user pcp to rootEPSS 0.5%CVE-2024-31648MEDIUMCross Site Scripting (XSS) in Insurance Management System v1.0, allows remote attackers to execute arbitrary web scripts or HTML via a craftEPSS 0.5%CVE-2023-24333HIGHA stack overflow vulnerability in Tenda AC21 with firmware version US_AC21V1.0re_V16.03.08.15_cn_TDC01 allows attackers to run arbitrary comEPSS 0.5%CVE-2026-45583HIGHMicrosoft Exchange Server Remote Code Execution VulnerabilityEPSS 0.5%CVE-2024-38990MEDIUMTada5hi sp-common v0.5.4 was discovered to contain a prototype pollution via the function mergeDeep. This vulnerability allows attackers to EPSS 0.5%CVE-2026-41486HIGHRay: Remote Code Execution via Parquet Arrow Extension Type DeserializationEPSS 0.5%CVE-2026-23742HIGHSkipper arbitrary code execution through lua filtersEPSS 0.5%CVE-2026-25856HIGHOpenBullet2 0.3.2 Authenticated RCE via Job Configuration InterfaceEPSS 0.5%CVE-2026-53576CRITICALKestra: Unauthenticated RCE via /configs path-suffix auth-filter bypassEPSS 0.5%CVE-2025-61732HIGHPotential code smuggling via doc comments in cmd/cgoEPSS 0.5%CVE-2026-43898CRITICALSandboxJS: Sandbox escape via Function.caller leakage of internal call opEPSS 0.5%CVE-2025-2207MEDIUMaitangbao springboot-manager dept cross site scriptingEPSS 0.5%CVE-2025-2208MEDIUMaitangbao springboot-manager Filename upload cross site scriptingEPSS 0.5%CVE-2024-11678MEDIUMCodeAstro Hospital Management System his_doc_register_patient.php cross site scriptingEPSS 0.5%CVE-2025-1742MEDIUMpihome-shc PiHome home.php cross site scriptingEPSS 0.5%