CWE-94 Vulnerabilities

3,749 results
CVE-2022-2636 | HIGH | Code Injection in hestiacp/hestiacp | EPSS 1.1%
CVE-2026-27493 | CRITICAL | n8n has Unauthenticated Expression Evaluation via Form Node | EPSS 1.1%
CVE-2024-10771 | HIGH | SICK InspectorP61x, SICK InspectorP62x and SICK TiM3xx are vulnerable for remote code execution | EPSS 1.1%
CVE-2023-6996 | HIGH | Display custom fields in the frontend – Post and User Profile Fields <= 1.2.1 - Authenticated (Contributor+) Code Injection | EPSS 1.1%
CVE-2024-37779 | HIGH | WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the Apache Ant script | EPSS 1.1%
CVE-2022-46101 | HIGH | AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting mali | EPSS 1.1%
CVE-2024-24396 | MEDIUM | Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrar | EPSS 1.1%
CVE-2025-28203 | HIGH | Victure RX1800 EN_V1.0.0_r12_110933 was discovered to contain a command injection vulnerability. | EPSS 1.1%
CVE-2024-21537 | HIGH | Versions of the package lilconfig from 3.1.0 and before 3.1.1 are vulnerable to Arbitrary Code Execution due to the insecure usage of eval i | EPSS 1.1%
CVE-2023-23619 | CRITICAL | Improper Control of Generation of Code ('Code Injection') in @asyncapi/modelina | EPSS 1.1%
CVE-2023-50379 | HIGH | Apache Ambari: authenticated users could perform command injection to perform RCE | EPSS 1.1%
CVE-2023-35333 | HIGH | MediaWiki PandocUpload Extension Remote Code Execution Vulnerability | EPSS 1.1%
CVE-2023-43481 | CRITICAL | An issue in Shenzhen TCL Browser TV Web BrowseHere (aka com.tcl.browser) 6.65.022_dab24cc6_231221_gp allows a remote attacker to execute arb | EPSS 1.1%
CVE-2023-1947 | MEDIUM | taoCMS admin.php code injection | EPSS 1.1%
CVE-2024-48581 | CRITICAL | File Upload vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code via the admin_cl | EPSS 1.1%
CVE-2024-21541 | MEDIUM | Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without | EPSS 1.1%
CVE-2024-23755 | HIGH | ClickUp Desktop before 3.3.77 on macOS and Windows allows code injection because of specific Electron Fuses. There is inadequate protection | EPSS 1.1%
CVE-2026-0761 | CRITICAL | Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability | EPSS 1.1%
CVE-2023-51015 | TOTOLINX EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘enable parameter’ of the setDmzCfg interface o | EPSS 1.0%
CVE-2023-51018 | CRITICAL | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘opmode’ parameter of the setWiFiA | EPSS 1.0%