Falhas do tipo CWE-94
3.754 resultadosCVE-2024-41364CRITICALRPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\trackEdit.phpEPSS 0.9%CVE-2024-41361CRITICALRPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\manageFilesFolders.phpEPSS 0.9%CVE-2024-29399HIGHAn issue was discovered in GNU Savane v.3.13 and before, allows a remote attacker to execute arbitrary code and escalate privileges via a crEPSS 0.9%CVE-2024-31022CRITICALAn issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component.EPSS 0.9%CVE-2024-22633CRITICALSetor Informatica Sistema Inteligente para Laboratorios (S.I.L.) 388 was discovered to contain a remote code execution (RCE) vulnerability vEPSS 0.9%CVE-2024-58284HIGHPopojiCMS 2.0.1 Remote Command Execution via Authenticated Metadata SettingsEPSS 0.9%CVE-2023-37427HIGHAuthenticated Remote Code Execution in EdgeConnect SD-WAN Orchestrator Web-Based Management InterfaceEPSS 0.9%CVE-2025-66913CRITICALJimuReport thru version 2.1.3 is vulnerable to remote code execution when processing user-controlled H2 JDBC URLs. The application passes thEPSS 0.9%CVE-2024-30973HIGHAn issue in V-SOL G/EPON ONU HG323AC-B with firmware version V2.0.08-210715 allows an attacker to execute arbtirary code and obtain sensitivEPSS 0.9%CVE-2023-3551CRITICALCode Injection in nilsteampassnet/teampassEPSS 0.9%CVE-2024-36456CRITICALSymantec Privileged Access Manager Remote Command Execution vulnerabilityEPSS 0.9%CVE-2026-3960MEDIUMRemote Code Execution in h2oai/h2o-3EPSS 0.9%CVE-2023-22853HIGHTiki before 24.1, when feature_create_webhelp is enabled, allows lib/structures/structlib.php PHP Object Injection because of an eval.EPSS 0.9%CVE-2021-29493MEDIUMKennnyshiwa-cogs vulnerable to Remote Code Execution in Tickets ModuleEPSS 0.9%CVE-2023-39333MEDIUMMaliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data EPSS 0.9%CVE-2024-48168CRITICALA stack overflow vulnerability exists in the sub_402280 function of the HNAP service of D-Link DCS-960L 1.09, allowing an attacker to executEPSS 0.9%CVE-2023-38198—acme.sh before 3.0.6 runs arbitrary commands from a remote server via eval, as exploited in the wild in June 2023.EPSS 0.9%CVE-2024-48453CRITICALAn issue in INOVANCE AM401_CPU1608TPTN allows a remote attacker to execute arbitrary code via the ExecuteUserProgramUpgrade functionEPSS 0.9%CVE-2023-44847—An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ Weixin.php component.EPSS 0.9%CVE-2024-51243HIGHThe eladmin v2.7 and before contains a remote code execution (RCE) vulnerability that can control all application deployment servers of thisEPSS 0.9%