Falhas do tipo CWE-94
3.754 resultadosCVE-2023-25344—An issue was discovered in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to execute arbitrary code via crafted Object.protEPSS 1.0%CVE-2023-45673HIGHArbitrary code execution on click of PDF links in JoplinEPSS 1.0%CVE-2026-4800HIGHlodash vulnerable to Code Injection via `_.template` imports key namesEPSS 1.0%CVE-2023-27866MEDIUMIBM Informix JDBC code executionEPSS 1.0%CVE-2024-21511CRITICALVersions of the package mysql2 before 3.9.7 are vulnerable to Arbitrary Code Injection due to improper sanitization of the timezone parameteEPSS 1.0%CVE-2024-2016MEDIUMZhiCms setcontroller.php index code injectionEPSS 1.0%CVE-2024-39700CRITICALRemote Code Execution (RCE) vulnerability in jupyterlab extension template `update-integration-tests` GitHub ActionEPSS 1.0%CVE-2024-25180CRITICALAn issue discovered in pdfmake 0.2.9 allows remote attackers to run arbitrary code via crafted POST request to the /pdf endpoint. NOTE: thisEPSS 1.0%CVE-2022-24817CRITICALImproper kubeconfig validation allows arbitrary code executionEPSS 1.0%CVE-2024-42902HIGHAn issue in the js_localize.php function of LimeSurvey v6.6.2 and before allows attackers to execute arbitrary code via injecting a crafted EPSS 1.0%CVE-2024-48694CRITICALFile Upload vulnerability in Xi'an Daxi Information technology OfficeWeb365 v.8.6.1.0 and v7.18.23.0 allows a remote attacker to execute arbEPSS 1.0%CVE-2025-44022CRITICALAn issue in vvveb CMS v.1.0.6 allows a remote attacker to execute arbitrary code via the Plugin mechanism.EPSS 1.0%CVE-2017-20064MEDIUMElefant CMS layout code injectionEPSS 1.0%CVE-2023-29382—An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary code via the sfdc_preauth.jsp component.EPSS 1.0%CVE-2025-29039HIGHAn issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x41dda8EPSS 1.0%CVE-2019-2390HIGHCode execution on Windows via OpenSSL engine injectionEPSS 1.0%CVE-2025-66848CRITICALJD Cloud NAS routers AX1800 (4.3.1.r4308 and earlier), AX3000 (4.3.1.r4318 and earlier), AX6600 (4.5.1.r4533 and earlier), BE6500 (4.4.1.r43EPSS 1.0%CVE-2024-3044MEDIUMGraphic on-click binding allows unchecked script executionEPSS 1.0%CVE-2024-48655HIGHAn issue in Total.js CMS v.1.0 allows a remote attacker to execute arbitrary code via the func.js file.EPSS 1.0%CVE-2023-6131HIGHCode Injection in salesagility/suitecrmEPSS 1.0%