Weaknesses of type CWE-94

3,774 results
CVE-2025-5137MEDIUMDedeCMS Incomplete Fix CVE-2018-9175 sys_verifies.php code injectionEPSS 0.5%CVE-2024-13021MEDIUMSourceCodester Road Accident Map Marker add-mark.php cross site scriptingEPSS 0.5%CVE-2025-34123HIGHVideoCharge Studio 2.12.3.685 SEH Buffer Overflow via .VSC FileEPSS 0.5%CVE-2025-1213MEDIUMpihome-shc PiHome index.php cross site scriptingEPSS 0.5%CVE-2026-43680HIGHA Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to bypass a front-end restrictiEPSS 0.5%CVE-2024-51815CRITICALWordPress s2Member plugin <= 241114 - Remote Code Execution (RCE) vulnerabilityEPSS 0.5%CVE-2024-23963HIGHAlpine Halo9 Stack-based Buffer OverflowEPSS 0.5%CVE-2025-69517HIGHAn HTML injection vulnerability in Amidaware Inc Tactical RMM v1.3.1 and earlier allows authenticated users to inject arbitrary HTML contentEPSS 0.5%CVE-2024-38319HIGHIBM Security SOAR code executionEPSS 0.5%CVE-2024-2097HIGHAn authenticated malicious client can send a special LINQ query to execute arbitrary code remotely (RCE) on the SCM server from List controlEPSS 0.5%CVE-2026-46851HIGHVulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft (component: Security). The supported version tEPSS 0.5%CVE-2024-49747CRITICALIn gatts_process_read_by_type_req of gatt_sr.cc, there is a possible out of bounds write due to a logic error in the code. This could lead tEPSS 0.5%CVE-2025-59251HIGHMicrosoft Edge (Chromium-based) Remote Code Execution VulnerabilityEPSS 0.5%CVE-2025-2803HIGHSo-Called Air Quotes <= 0.1 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.5%CVE-2025-59952HIGHminio-java Client XML Tag is Vulnerable to Value SubstitutionEPSS 0.5%CVE-2024-13034MEDIUMcode-projects Chat System update_user.php cross site scriptingEPSS 0.5%CVE-2025-1949MEDIUMZZCMS URL register_nodb.php cross site scriptingEPSS 0.5%CVE-2025-1174MEDIUM1000 Projects Bookstore Management System Add Book Page process_book_add.php cross site scriptingEPSS 0.5%CVE-2025-30172HIGHAdmin Authorized Remote Code ExecutionEPSS 0.5%CVE-2024-0521CRITICALCode Injection in paddlepaddle/paddleEPSS 0.5%