Falhas do tipo CWE-94

3.766 resultados
CVE-2021-47939HIGHEvolution CMS 3.1.6 Authenticated Remote Code Execution via Module CreationEPSS 0.6%CVE-2025-10370MEDIUMMiczFlor RPi-Jukebox-RFID userScripts.php cross site scriptingEPSS 0.6%CVE-2024-11977HIGHkk Star Ratings – Rate Post & Collect User Feedbacks <= 5.4.10 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.6%CVE-2025-49013CRITICALWilderForge vulnerable to code Injection via GitHub Actions WorkflowsEPSS 0.6%CVE-2024-10572HIGHDenial of Service and Arbitrary File Write in h2oai/h2o-3EPSS 0.6%CVE-2026-31231CRITICALCognee thru v0.4.0 contains a critical remote code execution vulnerability in its notebook cell execution API endpoint. The endpoint is desiEPSS 0.6%CVE-2026-31233CRITICALGuardrails AI thru 0.6.7 contains a code injection vulnerability (CWE-94) in its Hub package installation mechanism. When installing validatEPSS 0.6%CVE-2021-47770HIGHOpenPLC 3 - Remote Code ExecutionEPSS 0.6%CVE-2025-42950CRITICALCode Injection Vulnerability in SAP Landscape Transformation (Analysis Platform)EPSS 0.6%CVE-2024-33442MEDIUMAn issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the add_post.php component.EPSS 0.6%CVE-2024-50804HIGHInsecure Permissions vulnerability in Micro-star International MSI Center Pro 2.1.37.0 allows a local attacker to execute arbitrary code viaEPSS 0.6%CVE-2024-21552CRITICALAll versions of `SuperAGI` are vulnerable to Arbitrary Code Execution due to unsafe use of the ‘eval’ function. An attacker could induce theEPSS 0.6%CVE-2024-51427CRITICALAn issue in the PepeGxng smart contract (which can be run on the Ethereum blockchain) allows remote attackers to have an unspecified impact EPSS 0.6%CVE-2026-31220CRITICALPySyft (Syft Datasite/Server) versions 0.9.5 and earlier are vulnerable to remote code execution due to insufficient validation and sandboxiEPSS 0.6%CVE-2024-51424CRITICALAn issue in the PepeGxng smart contract (which can be run on the Ethereum blockchain) allows remote attackers to have an unspecified impact EPSS 0.6%CVE-2024-8478HIGHAffiliate Super Assistent <= 1.5.3 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.6%CVE-2024-42393CRITICALUnauthenticated Stack-Based Buffer Overflow Remote Command Execution (RCE) in the Soft AP Daemon Service Accessed by the PAPI ProtocolEPSS 0.6%CVE-2023-47030CRITICALAn issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a GET requeEPSS 0.6%CVE-2025-55733CRITICALDeepChat One-click Remote Code Execution through Custom URL HandlingEPSS 0.6%CVE-2022-50972CRITICALWooCommerce 7.1.0 Remote Code Execution via class-wc-meta-box-product-images.phpEPSS 0.6%