CWE-94 vulnerabilities

3,719 results
CVE-2024-44411 [CRITICAL] D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the msp_info_htm function. (EPSS 3.7%)
CVE-2022-23088 [CRITICAL] 802.11 heap buffer overflow (EPSS 3.6%)
CVE-2024-41667 [HIGH] OpenAM FreeMarker template injection (EPSS 3.5%)
CVE-2019-5413 An attacker can use the format parameter to inject arbitrary commands in the npm package morgan < 1.9.1. (EPSS 3.4%)
CVE-2022-1159 [HIGH] Rockwell Automation Studio 5000 Logix Designer Code Injection (EPSS 3.4%)
CVE-2019-1194 [HIGH] Scripting Engine Memory Corruption Vulnerability (EPSS 3.4%)
CVE-2025-51991 [HIGH] XWiki through version 17.3.0 is vulnerable to Server-Side Template Injection (SSTI) in the Administration interface, specifically within the (EPSS 3.4%)
CVE-2025-55423 [CRITICAL] A command injection vulnerability exists in the upnp_relay() function in multiple ipTIME router models because the controlURL value used to (EPSS 3.3%)
CVE-2025-41243 [CRITICAL] Spring Expression Language property modification using Spring Cloud Gateway Server WebFlux (EPSS 3.3%)
CVE-2025-3994 [MEDIUM] TOTOLINK N150RT IP Port Filtering home.htm cross site scripting (EPSS 3.3%)
CVE-2024-38346 [CRITICAL] Apache CloudStack: Unauthenticated cluster service port leads to remote execution (EPSS 3.3%)
CVE-2020-15150 [CRITICAL] Remote Code Execution in paginator(hex) (EPSS 3.3%)
CVE-2018-3784 A code injection in cryo 0.0.6 allows an attacker to arbitrarily execute code due to insecure implementation of deserialization. (EPSS 3.3%)
CVE-2024-44410 [CRITICAL] D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the upgrade_filter_asp function. (EPSS 3.2%)
CVE-2019-3759 [MEDIUM] The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a code injection (EPSS 3.2%)
CVE-2020-15252 [HIGH] RCE in XWiki (EPSS 3.2%)
CVE-2023-42890 The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPa (EPSS 3.2%)
CVE-2022-39327 [HIGH] Improper Control of Generation of Code ('Code Injection') in Azure CLI (EPSS 3.2%)
CVE-2025-13773 [CRITICAL] Print Invoice & Delivery Notes for WooCommerce <= 5.8.0 - Unauthenticated Remote Code Execution (EPSS 3.2%)
CVE-2023-6548 [MEDIUM] Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLI (EPSS 3.2%, KEV)