Fallos del tipo CWE-94
3754 resultadosCVE-2013-10057HIGHSynactis PDF In-The-Box ConnectToSynactic Stack-Based Buffer OverflowEPSS 1.1%CVE-2023-37470CRITICALMetabase vulnerable to remote code execution via POST /api/setup/validate API endpoint EPSS 1.1%CVE-2025-34127CRITICALAchat v0.150 SEH Buffer Overflow via UDPEPSS 1.1%CVE-2026-23830CRITICALSandboxJS has Sandbox Escape via Unprotected AsyncFunction ConstructorEPSS 1.1%CVE-2023-0671CRITICAL Code Injection in froxlor/froxlorEPSS 1.1%CVE-2023-51282HIGHAn issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain sensitive information via a crafted script to the password parameter.EPSS 1.1%CVE-2024-33644CRITICALWordPress Customify Site Library plugin <= 0.0.9 - Remote Code Execution (RCE) vulnerabilityEPSS 1.1%CVE-2023-32692CRITICALRemote Code Execution Vulnerability in Validation PlaceholdersEPSS 1.1%CVE-2023-48390CRITICALMultisuns EasyLog web+ - Command InjectionEPSS 1.1%CVE-2023-45849CRITICALArbitrary Code Execution in Helix CoreEPSS 1.1%CVE-2026-33336MEDIUMVikunja Desktop vulnerable to Remote Code Execution via same-window navigationEPSS 1.1%CVE-2024-10131HIGHRemote Code Execution in infiniflow/ragflowEPSS 1.1%CVE-2024-40487HIGHA Stored Cross Site Scripting (XSS) vulnerability was found in "/view_type.php" of Kashipara Live Membership System v1.0, which allows remotEPSS 1.1%CVE-2021-38117HIGHPossible Remote Code Execution Vulnerability OpenText iManagerEPSS 1.1%CVE-2023-1708MEDIUMAn issue was identified in GitLab CE/EE affecting all versions from 1.0 prior to 15.8.5, 15.9 prior to 15.9.4, and 15.10 prior to 15.10.1 whEPSS 1.1%CVE-2022-30175HIGHAzure RTOS GUIX Studio Remote Code Execution VulnerabilityEPSS 1.1%CVE-2024-30202HIGHIn Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23.EPSS 1.1%CVE-2024-25298HIGHAn issue was discovered in REDAXO version 5.15.1, allows attackers to execute arbitrary code and obtain sensitive information via modules.moEPSS 1.1%CVE-2024-21574CRITICALThe issue stems from a missing validation of the pip field in a POST request sent to the /customnode/install endpoint used to install customEPSS 1.1%CVE-2024-8923CRITICALSandbox Escape in Now PlatformEPSS 1.1%