Falhas do tipo CWE-94

3.746 resultados

CVE-2021-37626HIGHPHP file inclusion via insert tagsEPSS 1.3%CVE-2023-26436HIGHAttackers with access to the "documentconverterws" API were able to inject serialized Java objects, that were not properly checked during deEPSS 1.3%CVE-2024-8695CRITICALA remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2.EPSS 1.3%CVE-2025-29807HIGHMicrosoft Dataverse Remote Code Execution VulnerabilityEPSS 1.2%CVE-2023-30912HIGH A remote code execution issue exists in HPE OneView. EPSS 1.2%CVE-2025-59059CRITICALApache Ranger: Remote Code Execution Vulnerability in NashornScriptEngineCreatorEPSS 1.2%CVE-2024-29178HIGHApache StreamPark: FreeMarker SSTI RCE VulnerabilityEPSS 1.2%CVE-2023-4142HIGHWP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) Remote Code ExecutionEPSS 1.2%CVE-2023-4141HIGHWP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) PHP File Creation to Remote Code ExecutionEPSS 1.2%CVE-2023-51770HIGHApache DolphinScheduler: Arbitrary File Read VulnerabilityEPSS 1.2%CVE-2025-14287HIGHCommand Injection in mlflow/mlflowEPSS 1.2%CVE-2024-39714CRITICALA code injection vulnerability that permits a low-privileged user to upload arbitrary files to the server, leading to remote code execution EPSS 1.2%CVE-2023-49032CRITICALAn issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information viaEPSS 1.2%CVE-2024-31011CRITICALArbitrary file write vulnerability in beescms v.4.0, allows a remote attacker to execute arbitrary code via a file path that was not isolateEPSS 1.2%CVE-2022-40497HIGHWazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an authenticated remote code execution (RCE) vulneraEPSS 1.2%CVE-2019-16774MEDIUMObject injection in cookie driverEPSS 1.2%CVE-2023-46010—An issue in SeaCMS v.12.9 allows an attacker to execute arbitrary commands via the admin_safe.php component.EPSS 1.2%CVE-2024-8696HIGHA remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in Docker Desktop before 4.34.2.EPSS 1.2%CVE-2024-31005HIGHAn issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4MdhdAtom.cpp,AP4_MdhdAtom::AP4_MdhdAtom,mEPSS 1.2%CVE-2024-42598MEDIUMSeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_editplayer.php imposes restrEPSS 1.2%

← anteriorpágina 36 / 188próxima →