Falhas do tipo CWE-94
3.799 resultadosCVE-2023-41898HIGH Arbitrary URL load in Android WebView in `MyActivity.kt` in Home Assistant Companion for AndroidEPSS 0.2%CVE-2026-24249HIGHNVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful explEPSS 0.2%CVE-2025-34114HIGHOpenBlow Missing Critical Security HeadersEPSS 0.2%CVE-2026-25797MEDIUMImageMagick vulnerable to Code injection via PostScript header in ps codersEPSS 0.2%CVE-2026-8539MEDIUMScript injection in SanitizerAPI in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to inject arbitrary scripts oEPSS 0.2%CVE-2025-9120HIGHRCE vulnerability has been discovered in OpenText™ Carbonite Safe Server Backup.EPSS 0.2%CVE-2026-12252HIGHUntrusted JAR Code Execution in Multiple Stanford Interface Classes in nltk/nltkEPSS 0.2%CVE-2025-42895MEDIUMCode Injection vulnerability in SAP HANA JDBC ClientEPSS 0.2%CVE-2024-10382HIGHArbitrary Code execution in Car App Android Jetpack LibraryEPSS 0.2%CVE-2026-8021MEDIUMScript injection in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestuEPSS 0.2%CVE-2024-48829MEDIUMDell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generation of Code ('Code Injection') vulnerabiliEPSS 0.2%CVE-2026-55895MEDIUMVim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filenameEPSS 0.2%CVE-2026-49241HIGHAngular: Multiple Remote Code Execution Vulnerabilities in Angular Language Service VS Code ExtensionEPSS 0.2%CVE-2025-63693MEDIUMThe comment editing template (dzz/comment/template/edit_form.htm) in DzzOffice 2.3.x lacks adequate security escaping for user-controllable EPSS 0.2%CVE-2025-61982HIGHAn arbitrary code execution vulnerability exists in the Code Stream directive functionality of OpenCFD OpenFOAM 2506. A specially crafted OpEPSS 0.1%CVE-2021-25415—Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memorEPSS 0.1%CVE-2026-8795HIGHA YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostnamEPSS 0.1%CVE-2026-46517HIGHLMDeploy: Hardcoded trust_remote_code=True is an implicit unsafe remote-code load path with no user opt-outEPSS 0.1%CVE-2026-41692MEDIUMi18nextify is vulnerable to DOM XSS via javascript:/data: URL schemes in translated href/src attributesEPSS 0.1%CVE-2026-57456HIGHVim: Arbitrary Code Execution via Python Omni-Completion DocstringsEPSS 0.1%