Falhas do tipo CWE-94

3.778 resultados
CVE-2024-45390HIGH@blakeembrey/template vulnerable to code injection when attacker controls template inputEPSS 0.4%CVE-2026-41249HIGHCoreShop Vulnerable to Remote Code Execution (RCE) via Insecure `pull_request_target` ConfigurationEPSS 0.4%CVE-2025-2714MEDIUMJoomlaUX JUX Real Estate addagent cross site scriptingEPSS 0.4%CVE-2026-7191HIGHArbitrary Code Execution via Sandbox Bypass in the open source solution QnABot on AWSEPSS 0.4%CVE-2025-47588CRITICALWordPress Dynamic Pricing With Discount Rules for WooCommerce plugin <= 4.5.9 - Arbitrary Code Execution vulnerabilityEPSS 0.4%CVE-2025-54594CRITICALreact-native-bottom-tabs: Arbitrary code execution in GitHub Actions canary workflow leads to secret exfiltrationEPSS 0.4%CVE-2025-61588CRITICALrisc0 vulnerable to arbitrary code execution in guest via memory safety failure in `sys_read`EPSS 0.4%CVE-2023-6691HIGHCode Injection vulnerability in Cambium ePMP Force 300-25EPSS 0.4%CVE-2023-1367MEDIUM Code Injection in alextselegidis/easyappointmentsEPSS 0.4%CVE-2022-23465HIGHSwiftTerm vulnerable to arbitrary command executionEPSS 0.4%CVE-2023-6604MEDIUMFfmpeg: hls xbin demuxer dos amplification in ffmpegEPSS 0.4%CVE-2025-61929CRITICALCherry Studio allows one-click on a specific URL to cause a command to executeEPSS 0.4%CVE-2025-11093HIGHArbitrary Code Execution with higher privileged users in Multiple WSO2 Products via Script Mediator Engines (GraalJS and NashornJS)EPSS 0.4%CVE-2024-34761HIGHWordpress Advanced Custom Fields Pro plugin < 6.2.10 - Contributor+ Arbitrary Function Execution vulnerabilityEPSS 0.4%CVE-2025-7885MEDIUMHuashengdun WebSSH Login Page cross site scriptingEPSS 0.4%CVE-2024-6006MEDIUMZKTeco ZKBio CVSecurity V5000 Summer Schedule cross site scriptingEPSS 0.4%CVE-2026-1516MEDIUMImproper Control of Generation of Code ('Code Injection') in GitLabEPSS 0.4%CVE-2026-28425HIGHStatamic vulnerable to remote code execution via Antlers-enabled control panel inputsEPSS 0.4%CVE-2024-6005MEDIUMZKTeco ZKBio CVSecurity V5000 Department Section cross site scriptingEPSS 0.4%CVE-2025-63665CRITICALAn issue in GT Edge AI Community Edition Versions before v2.0.12 allows attackers to execute arbitrary code via injecting a crafted JSON payEPSS 0.4%