Falhas do tipo CWE-94
3.746 resultadosCVE-2025-67113CRITICALOS command injection in the CWMP client (/ftl/bin/cwmp) of Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@230804EPSS 1.2%CVE-2026-22709CRITICALvm2 has a Sandbox EscapeEPSS 1.2%CVE-2024-49048HIGHTorchGeo Remote Code Execution VulnerabilityEPSS 1.2%CVE-2024-28118HIGHGrav vulnerable to Server Side Template Injection (SSTI)EPSS 1.2%CVE-2023-6248CRITICALData leakage and arbitrary remote code execution in Syrus cloud devicesEPSS 1.2%CVE-2026-8832HIGHWPCode <= 2.3.5 - Authenticated (Author+) Remote Code Execution via CPT Capability Bypass via XML-RPC wp.newPostEPSS 1.2%CVE-2025-25675CRITICALTenda AC10 V1.0 V15.03.06.23 has a command injection vulnerablility located in the formexeCommand function. The str variable receives the cmEPSS 1.2%CVE-2016-10548—Arbitrary code execution is possible in reduce-css-calc node module <=1.2.4 through crafted css. This makes cross sites scripting (XSS) possEPSS 1.2%CVE-2024-6365CRITICALProduct Table by WBW <= 2.0.1 - Unauthenticated Remote Code ExecutionEPSS 1.2%CVE-2024-50636CRITICALPyMOL 2.5.0 contains a vulnerability in its "Run Script" function, which allows the execution of arbitrary Python code embedded within .PYM EPSS 1.2%CVE-2021-27438—The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components EPSS 1.2%CVE-2025-3509HIGHPre-Receive Hook Remote Code Execution vulnerability was identified in GitHub Enterprise Server that allowing Privilege EscalationEPSS 1.2%CVE-2023-1306HIGHRapid7 InsightCloudSec resource.db() method accessEPSS 1.2%CVE-2023-24107CRITICALhour_of_code_python_2015 commit 520929797b9ca43bb818b2e8f963fb2025459fa3 was discovered to contain a code execution backdoor via the requestEPSS 1.2%CVE-2021-31635—Server-Side Template Injection (SSTI) vulnerability in jFinal v.4.9.08 allows a remote attacker to execute arbitrary code via the template fEPSS 1.2%CVE-2023-21886HIGHVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are PrioEPSS 1.2%CVE-2023-36022MEDIUMMicrosoft Edge (Chromium-based) Remote Code Execution VulnerabilityEPSS 1.2%CVE-2024-47219CRITICALAn issue was discovered in vesoft NebulaGraph through 3.8.0. It allows shell command injection.EPSS 1.2%CVE-2022-39326HIGHkartverket/github-workflows's run-terraform allows for RCE via terraform planEPSS 1.2%CVE-2025-27678CRITICALVasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Client Remote Code Execution V-2023EPSS 1.2%