Weaknesses of type CWE-356
32 resultsCVE-2018-16858HIGHIt was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute EPSS 67.5%CVE-2019-6737HIGHThis vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. User intEPSS 3.8%CVE-2019-6738HIGHThis vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. User intEPSS 3.7%CVE-2019-6736HIGHThis vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. User intEPSS 3.7%CVE-2019-13322HIGHThis vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Browser Prior to 10.4.0. User intEPSS 2.6%CVE-2019-17151MEDIUMThis vulnerability allows remote attackers redirect users to an external resource on affected installations of Tencent WeChat Prior to 7.0.9EPSS 1.4%CVE-2025-31334MEDIUMIssue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable fileEPSS 1.2%CVE-2024-3044MEDIUMGraphic on-click binding allows unchecked script executionEPSS 1.0%CVE-2022-39362HIGHMetabase vulnerable to arbitrary SQL execution from queryhashEPSS 0.8%CVE-2022-36970HIGHThis vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201.2111.1802.0000EPSS 0.6%CVE-2022-35873HIGHThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b202EPSS 0.6%CVE-2024-2609MEDIUMThe permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websiEPSS 0.6%CVE-2025-2450HIGHNI Vision Builder AI VBAI File Processing Missing Warning Remote Code Execution VulnerabilityEPSS 0.5%CVE-2018-10595—A vulnerability in ReadA version 1.1.0.2 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (EPSS 0.4%CVE-2024-30057MEDIUMMicrosoft Edge for iOS Spoofing VulnerabilityEPSS 0.4%CVE-2025-3839HIGHEpiphany: insecure external protocol invocation in epiphanyEPSS 0.4%CVE-2018-10593—A vulnerability in DB Manager version 3.0.1.0 and previous and PerformA version 3.0.0.0 and previous allows an authorized user with access tEPSS 0.4%CVE-2025-3909HIGHJavaScript Execution via Spoofed PDF Attachment and file:/// LinkEPSS 0.4%CVE-2026-0777HIGHXmind Attachment Insufficient UI Warning Remote Code Execution VulnerabilityEPSS 0.3%CVE-2025-14403HIGHPDFsam Enhanced Launch Insufficient UI Warning Remote Code Execution VulnerabilityEPSS 0.3%