Falhas do tipo CWE-94
3.767 resultadosCVE-2024-36581HIGHA Prototype Pollution issue in abw badger-database 1.2.1 allows an attacker to execute arbitrary code via dist/badger-database.esm.EPSS 0.5%CVE-2024-11971MEDIUMGuizhou Xiaoma Technology jpress Avatar upload cross site scriptingEPSS 0.5%CVE-2024-11742MEDIUMSourceCodester Best House Rental Management System ajax.php cross site scriptingEPSS 0.5%CVE-2026-30993CRITICALSlah CMS v1.5.0 and below was discovered to contain a remote code execution (RCE) vulnerability in the session() function at config.php. ThiEPSS 0.5%CVE-2026-45261CRITICALGitButler: Link injection via forge integration enables arbitrary script executionEPSS 0.5%CVE-2025-12637HIGHElastic Theme Editor <= 0.0.3 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.5%CVE-2024-13012MEDIUMcode-projects Hostel Management System registration.php cross site scriptingEPSS 0.5%CVE-2026-30875HIGHChamilo LMS: Authenticated RCE via H5P ImportEPSS 0.5%CVE-2023-34330HIGHCode injection via Dynamic Redfish Extension interfaceEPSS 0.5%CVE-2023-45735HIGHWestermo Lynx Code InjectionEPSS 0.5%CVE-2024-27859HIGHThe issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionEPSS 0.5%CVE-2024-23727HIGHThe YI Smart Kami Vision com.kamivision.yismart application through 1.0.0_20231219 for Android allows a remote attacker to execute arbitraryEPSS 0.5%CVE-2026-30308CRITICALIn its design for automatic terminal command execution, HAI Build Code Generator offers two options: Execute safe commands and Execute all cEPSS 0.5%CVE-2026-32640HIGH(SimpleEval) Objects (including modules) can leak dangerous modules through to direct access inside the sandbox.EPSS 0.5%CVE-2025-58764HIGHClaude Code rg command had Command Injection that allowed bypass of user approval prompt for command executionEPSS 0.5%CVE-2025-59954CRITICALKnowage Contains a Remote Code Execution VulnerabilityEPSS 0.5%CVE-2022-28766LOWDLL injection in Zoom Windows ClientsEPSS 0.5%CVE-2022-42541CRITICALRemote code executionEPSS 0.5%CVE-2026-33622MEDIUMA PinchTab Security Policy Bypass in /wait Allows Arbitrary JavaScript ExecutionEPSS 0.5%CVE-2024-11246MEDIUMcode-projects Farmacia adicionar-cliente.php cross site scriptingEPSS 0.5%