Falhas do tipo CWE-94
3.760 resultadosCVE-2024-22131CRITICALCode Injection vulnerability in SAP ABA (Application Basis)EPSS 1.1%CVE-2023-1304HIGHRapid7 InsightCloudSec getattr() method accessEPSS 1.1%CVE-2022-36386CRITICALWordPress Import any XML or CSV File to WordPress plugin <= 3.6.7 - Authenticated Arbitrary Code Execution vulnerabilityEPSS 1.1%CVE-2022-2636HIGHCode Injection in hestiacp/hestiacpEPSS 1.1%CVE-2026-27493CRITICALn8n has Unauthenticated Expression Evaluation via Form NodeEPSS 1.1%CVE-2024-10771HIGHSICK InspectorP61x, SICK InspectorP62x and SICK TiM3xx are vulnerable for remote code executionEPSS 1.1%CVE-2023-6996HIGHDisplay custom fields in the frontend – Post and User Profile Fields <= 1.2.1 - Authenticated (Contributor+) Code InjectionEPSS 1.1%CVE-2022-46101HIGHAyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting maliEPSS 1.1%CVE-2024-24396MEDIUMCross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrarEPSS 1.1%CVE-2024-21537HIGHVersions of the package lilconfig from 3.1.0 and before 3.1.1 are vulnerable to Arbitrary Code Execution due to the insecure usage of eval iEPSS 1.1%CVE-2025-28203HIGHVicture RX1800 EN_V1.0.0_r12_110933 was discovered to contain a command injection vulnerability.EPSS 1.1%CVE-2023-50379HIGHApache Ambari: authenticated users could perform command injection to perform RCEEPSS 1.1%CVE-2023-23619CRITICALImproper Control of Generation of Code ('Code Injection') in @asyncapi/modelinaEPSS 1.1%CVE-2023-35333HIGHMediaWiki PandocUpload Extension Remote Code Execution VulnerabilityEPSS 1.1%CVE-2026-40217HIGHLiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the /guardrails/test_custom_code URI.EPSS 1.1%CVE-2023-43481CRITICALAn issue in Shenzhen TCL Browser TV Web BrowseHere (aka com.tcl.browser) 6.65.022_dab24cc6_231221_gp allows a remote attacker to execute arbEPSS 1.1%CVE-2023-1947MEDIUMtaoCMS admin.php code injectionEPSS 1.1%CVE-2024-48581CRITICALFile Upload vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code via the admin_clEPSS 1.1%CVE-2024-21541MEDIUMVersions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without EPSS 1.1%CVE-2026-0761CRITICALFoundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution VulnerabilityEPSS 1.1%