Weaknesses of type CWE-94
3,760 resultsCVE-2024-22632CRITICALSetor Informatica Sistema Inteligente para Laboratorios (S.I.L.) 388 was discovered to contain a remote code execution (RCE) vulnerability vEPSS 1.0%CVE-2025-53002HIGHLLaMA-Factory Remote Code Execution (RCE) VulnerabilityEPSS 1.0%CVE-2023-24576HIGH
EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the NetWorker Client execution sEPSS 1.0%CVE-2023-6899MEDIUMrmountjoy92 DashMachine Config save_config code injectionEPSS 1.0%CVE-2020-11056HIGHPotential Code Injection in Sprout FormsEPSS 1.0%CVE-2024-22533CRITICALBefore Beetl v3.15.12, the rendering template has a server-side template injection (SSTI) vulnerability. When the incoming template is contrEPSS 1.0%CVE-2023-45673HIGHArbitrary code execution on click of PDF links in JoplinEPSS 1.0%CVE-2023-25344—An issue was discovered in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to execute arbitrary code via crafted Object.protEPSS 1.0%CVE-2024-21511CRITICALVersions of the package mysql2 before 3.9.7 are vulnerable to Arbitrary Code Injection due to improper sanitization of the timezone parameteEPSS 1.0%CVE-2023-27866MEDIUMIBM Informix JDBC code executionEPSS 1.0%CVE-2024-2016MEDIUMZhiCms setcontroller.php index code injectionEPSS 1.0%CVE-2024-39700CRITICALRemote Code Execution (RCE) vulnerability in jupyterlab extension template `update-integration-tests` GitHub ActionEPSS 1.0%CVE-2024-25180CRITICALAn issue discovered in pdfmake 0.2.9 allows remote attackers to run arbitrary code via crafted POST request to the /pdf endpoint. NOTE: thisEPSS 1.0%CVE-2024-42902HIGHAn issue in the js_localize.php function of LimeSurvey v6.6.2 and before allows attackers to execute arbitrary code via injecting a crafted EPSS 1.0%CVE-2024-48694CRITICALFile Upload vulnerability in Xi'an Daxi Information technology OfficeWeb365 v.8.6.1.0 and v7.18.23.0 allows a remote attacker to execute arbEPSS 1.0%CVE-2025-44022CRITICALAn issue in vvveb CMS v.1.0.6 allows a remote attacker to execute arbitrary code via the Plugin mechanism.EPSS 1.0%CVE-2017-20064MEDIUMElefant CMS layout code injectionEPSS 1.0%CVE-2024-40442HIGHAn issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annEPSS 1.0%CVE-2023-29382—An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary code via the sfdc_preauth.jsp component.EPSS 1.0%CVE-2025-29039HIGHAn issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x41dda8EPSS 1.0%