Weaknesses of type CWE-94
3,719 resultsCVE-2021-1585HIGHCisco Adaptive Security Device Manager Remote Code Execution VulnerabilityEPSS 20.0%CVE-2012-1879HIGHMicrosoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code EPSS 19.6%CVE-2009-2529HIGHMicrosoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allowEPSS 19.5%CVE-2024-0195MEDIUMspider-flow FunctionController.java FunctionService.saveFunction code injectionEPSS 19.4%CVE-2010-1260HIGHThe IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary codeEPSS 19.1%CVE-2022-0811—A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cEPSS 18.6%CVE-2020-7012—Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the Upgrade Assistant. An authenticated attacker witEPSS 18.2%CVE-2025-26264HIGHGeoVision GV-ASWeb with the version 6.1.2.0 or less (fixed in 6.2.0), contains a Remote Code Execution (RCE) vulnerability within its NotifiEPSS 18.0%CVE-2025-5120HIGHSandbox Escape Vulnerability in huggingface/smolagentsEPSS 17.7%CVE-2025-55346CRITICALUnintended dynamic code execution leads to remote code execution by network attackersEPSS 17.4%CVE-2024-39932CRITICALGogs through 0.13.0 allows argument injection during the previewing of changes.EPSS 17.2%CVE-2024-20359MEDIUMA vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco AdapEPSS 17.0%KEVCVE-2023-6846HIGHFile Manager Pro <= 8.3.4 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 15.9%CVE-2024-31819CRITICALAn issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the subEPSS 15.6%CVE-2024-5565HIGHPrompt Injection in "ask" API with visualization leads to RCEEPSS 15.0%CVE-2023-22855CRITICALKardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllabEPSS 14.8%CVE-2025-8356CRITICALPath Traversal leading to RCEEPSS 14.7%CVE-2023-33440HIGHSourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=save_user.EPSS 14.5%CVE-2023-22513HIGHThis High severity RCE (Remote Code Execution) vulnerability was introduced in version 8.0.0 of Bitbucket Data Center and Server. This RCE (EPSS 14.3%CVE-2022-43571HIGHRemote Code Execution through dashboard PDF generation component in Splunk EnterpriseEPSS 14.3%