Falhas do tipo CWE-94
3.729 resultadosCVE-2021-32621HIGHScript injection without script or programming rights through Gadget titlesEPSS 2.1%CVE-2021-21415HIGHVisual Studio Code Prisma Extension Remote Code Execution VulnerabilityEPSS 2.1%CVE-2023-26785CRITICALMariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "creEPSS 2.1%CVE-2025-24293CRITICAL# Active Storage allowed transformation methods potentially unsafe
Active Storage attempts to prevent the use of potentially unsafe imageEPSS 2.1%CVE-2024-48840CRITICALUnauthorized AccessEPSS 2.1%CVE-2022-0921HIGHAbusing Backup/Restore feature to achieve Remote Code Execution in microweber/microweberEPSS 2.1%CVE-2024-39962CRITICALD-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router v21_D240126 was discovered to contain a remote code execution (RCE) vulnerability iEPSS 2.1%CVE-2025-69902CRITICALA command injection vulnerability in the minimal_wrapper.py component of kubectl-mcp-server v1.2.0 allows attackers to execute arbitrary comEPSS 2.1%CVE-2020-8274—Citrix Secure Mail for Android before 20.11.0 suffers from Improper Control of Generation of Code ('Code Injection') by allowing unauthenticEPSS 2.0%CVE-2020-15147HIGHRemote Code Execution in Red Discord BotEPSS 2.0%CVE-2026-0768CRITICALLangflow code Code Injection Remote Code Execution VulnerabilityEPSS 2.0%CVE-2024-22188HIGHTYPO3 before 13.0.1 allows an authenticated admin user (with system maintainer privileges) to execute arbitrary shell commands (with the priEPSS 2.0%CVE-2020-8149—Lack of output sanitization allowed an attack to execute arbitrary shell commands via the logkitty npm package before version 0.7.1.EPSS 2.0%CVE-2020-21016CRITICALD-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.EPSS 2.0%CVE-2024-27622HIGHA remote code execution vulnerability has been identified in the User Defined Tags module of CMS Made Simple version 2.2.19 / 2.2.21. This vEPSS 2.0%CVE-2022-25967HIGHVersions of the package eta before 2.0.0 are vulnerable to Remote Code Execution (RCE) by overwriting template engine configuration variableEPSS 2.0%CVE-2020-8132—Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructEPSS 2.0%CVE-2020-5259HIGHPrototype Pollution in DojoxEPSS 2.0%CVE-2022-24663CRITICALRemote Code Execution by Subscriber+ users via WordPress shortcodeEPSS 2.0%CVE-2021-32836HIGHPre-auth unsafe deserialization in ZStackEPSS 2.0%