Falhas do tipo CWE-95
141 resultadosCVE-2025-24893CRITICALRemote code execution as guest via SolrSearchMacros request in xwikiEPSS 99.9%KEVCVE-2024-36401CRITICALRemote Code Execution (RCE) vulnerability in evaluating property name expressions in GeoserverEPSS 99.8%KEVCVE-2026-33017CRITICALLangflow has Unauthenticated Remote Code Execution via Public Flow Build EndpointEPSS 98.4%KEVCVE-2024-21650CRITICALXWiki Remote Code Execution vulnerability via user registrationEPSS 93.5%CVE-2023-37462CRITICALImproper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in org.xwiki.platform:xwiki-platform-skin-uiEPSS 91.3%CVE-2024-7954CRITICALSPIP porte_plume Plugin Arbitrary PHP ExecutionEPSS 89.8%CVE-2023-46731CRITICALRemote code execution through the section parameter in Administration as guest in XWiki PlatformEPSS 88.5%CVE-2024-31984CRITICALXWiki Platform: Remote code execution through space title and Solr space facetEPSS 83.0%CVE-2023-50721CRITICALXWiki Platform RCE from account through SearchAdminEPSS 78.8%CVE-2023-35150CRITICALXWiki Platform vulnerable to privilege escalation (PR) from view right via Invitation applicationEPSS 77.7%CVE-2023-29509CRITICALorg.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerabilityEPSS 76.3%CVE-2022-36099CRITICALXWiki Platform Wiki UI Main Wiki Eval Injection vulnerabilityEPSS 75.9%CVE-2024-31465CRITICALXWiki Platform: Remote code execution from account via SearchSuggestSourceSheetEPSS 75.6%CVE-2024-36404CRITICALGeoTools Remote Code Execution (RCE) vulnerability in evaluating XPath expressionsEPSS 74.9%CVE-2023-26477CRITICALorg.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerabilityEPSS 74.8%CVE-2022-36100CRITICALXWiki Platform Applications Tag and XWiki Platform Tag UI vulnerable to Eval InjectionEPSS 73.6%CVE-2024-31982CRITICALXWiki Platform: Remote code execution as guest via DatabaseSearchEPSS 34.5%CVE-2026-0769CRITICALLangflow eval_custom_component_code Eval Injection Remote Code Execution VulnerabilityEPSS 33.8%CVE-2026-1470CRITICALAuthenticated users can bypass the Expression sandbox mechanism to achieve full remote code execution on n8n’s main node.EPSS 18.7%CVE-2023-7101HIGHArbitrary Code Execution (ACE) VulnerabilityEPSS 16.7%KEV