Falhas do tipo CWE-94

3.754 resultados
CVE-2023-0462HIGHArbitrary code execution through yaml global parametersEPSS 1.0%CVE-2024-23750HIGHMetaGPT through 0.6.4 allows the QaEngineer role to execute arbitrary code because RunCode.run_script() passes shell metacharacters to subprEPSS 1.0%CVE-2024-8523MEDIUMlmxcms SQL Command Execution Module admin.php formatData code injectionEPSS 1.0%CVE-2023-5500HIGHFrauscher: FDS102 for FAdC/FAdCi remote code execution vulnerabilityEPSS 1.0%CVE-2023-31415CRITICALKibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send EPSS 1.0%CVE-2023-30638HIGHAtos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 before 10R3.1.2, and OpenScape BCF 10 before 10R10.7.0 allow remote authentEPSS 1.0%CVE-2023-36702HIGHMicrosoft DirectMusic Remote Code Execution VulnerabilityEPSS 1.0%CVE-2024-34461CRITICALZenario before 9.5.60437 uses Twig filters insecurely in the Twig Snippet plugin, and in the site-wide HEAD and BODY elements, enabling codeEPSS 1.0%CVE-2022-44794HIGHAn issue was discovered in Object First Ootbi BETA build 1.0.7.712. Management protocol has a flow which allows a remote attacker to executeEPSS 1.0%CVE-2024-39209MEDIUMluci-app-sms-tool v1.9-6 was discovered to contain a command injection vulnerability via the score parameter.EPSS 1.0%CVE-2024-6891HIGHJournyx Authenticated Remote Code ExecutionEPSS 1.0%CVE-2025-1497CRITICALRemote Code Execution in PlotAIEPSS 1.0%CVE-2026-33660CRITICALn8n Has Multiple Remote Code Execution Vulnerabilities in Merge Node AlaSQL SQL ModeEPSS 1.0%CVE-2024-3098CRITICALPrompt Injection leading to Arbitrary Code Execution in run-llama/llama_indexEPSS 1.0%CVE-2024-45623CRITICALD-Link DAP-2310 Hardware A Firmware 1.16RC028 allows remote attackers to execute arbitrary code via a stack-based buffer overflow in the ATPEPSS 0.9%CVE-2024-41369CRITICALRPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\inc.setWifi.phpEPSS 0.9%CVE-2024-41368CRITICALRPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\inc.setWlanIpMail.phpEPSS 0.9%CVE-2024-41361CRITICALRPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\manageFilesFolders.phpEPSS 0.9%CVE-2024-41367CRITICALRPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\api\playlist\appendFileToPlaylist.pEPSS 0.9%CVE-2024-41364CRITICALRPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\trackEdit.phpEPSS 0.9%