Falhas do tipo CWE-94

3.754 resultados
CVE-2023-6188MEDIUMGetSimpleCMS theme-edit.php code injectionEPSS 1.0%CVE-2022-43660HIGHImproper neutralization of Server-Side Includes (SSW) within a web page in Movable Type series allows a remote authenticated attacker with PEPSS 1.0%CVE-2025-2127MEDIUMJoomlaUX JUX Real Estate realties cross site scriptingEPSS 1.0%CVE-2020-37186CRITICALChevereto 3.13.4 Core - Remote Code ExecutionEPSS 1.0%CVE-2023-36592HIGHMicrosoft Message Queuing (MSMQ) Remote Code Execution VulnerabilityEPSS 1.0%CVE-2023-36589HIGHMicrosoft Message Queuing (MSMQ) Remote Code Execution VulnerabilityEPSS 1.0%CVE-2023-36572HIGHMicrosoft Message Queuing (MSMQ) Remote Code Execution VulnerabilityEPSS 1.0%CVE-2023-36575HIGHMicrosoft Message Queuing (MSMQ) Remote Code Execution VulnerabilityEPSS 1.0%CVE-2023-36574HIGHMicrosoft Message Queuing (MSMQ) Remote Code Execution VulnerabilityEPSS 1.0%CVE-2023-36573HIGHMicrosoft Message Queuing (MSMQ) Remote Code Execution VulnerabilityEPSS 1.0%CVE-2023-36571HIGHMicrosoft Message Queuing (MSMQ) Remote Code Execution VulnerabilityEPSS 1.0%CVE-2023-36570HIGHMicrosoft Message Queuing (MSMQ) Remote Code Execution VulnerabilityEPSS 1.0%CVE-2023-2056MEDIUMDedeCMS module_main.php GetSystemFile code injectionEPSS 1.0%CVE-2024-26483HIGHAn arbitrary file upload vulnerability in the Profile Image module of Kirby CMS v4.1.0 allows attackers to execute arbitrary code via a crafEPSS 1.0%CVE-2022-0845HIGHCode Injection in pytorchlightning/pytorch-lightningEPSS 1.0%CVE-2024-42733CRITICALAn issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary code via a crafted script to the UNC path inpuEPSS 1.0%CVE-2024-54806CRITICALNetgear WNR854T 1.5.2 (North America) is vulnerable to Arbitrary command execution in cmd.cgi which allows for the execution of system commaEPSS 1.0%CVE-2025-29902CRITICALRemote code execution that allows unauthorized users to execute arbitrary code on the server machine.EPSS 1.0%CVE-2023-0462HIGHArbitrary code execution through yaml global parametersEPSS 1.0%CVE-2024-48514CRITICALphp-heic-to-jpg <= 1.0.5 is vulnerable to code injection (fixed in 1.0.6). An attacker who can upload heic images is able to execute code onEPSS 1.0%