Falhas do tipo CWE-95
142 resultadosCVE-2025-50187CRITICALChamilo: Evaluation of untrusted user input leads to Remote Code ExecutionEPSS 0.9%CVE-2024-45850HIGHAn arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePointEPSS 0.9%CVE-2024-45849HIGHAn arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePointEPSS 0.9%CVE-2024-45851HIGHAn arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePointEPSS 0.9%CVE-2025-66474HIGHXWiki vulnerable to remote code execution through insufficient protection against {{/html}} injectionEPSS 0.9%CVE-2026-35002CRITICALAgno < 2.3.24 field_type Eval Injection Arbitrary Code ExecutionEPSS 0.9%CVE-2024-45847HIGHAn arbitrary code execution vulnerability exists in versions 23.11.4.2 up to 24.7.4.1 of the MindsDB platform, when one of several integratiEPSS 0.9%CVE-2026-44128CRITICALUnauthenticated Remote Code ExecutionEPSS 0.8%CVE-2024-45848HIGHAn arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of the MindsDB platform, when the ChromaDB integrationEPSS 0.8%CVE-2024-39173CRITICALcalculator-boilerplate v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the eval function at /routes/calculatoEPSS 0.8%CVE-2026-47103CRITICALPython StateMachine 3.0.0 < 3.2.0 RCE via SCXML eval() InjectionEPSS 0.8%CVE-2026-1665MEDIUMCommand Injection in nvm via NVM_AUTH_HEADER in wget code pathEPSS 0.8%CVE-2026-28370CRITICALIn the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger codEPSS 0.8%CVE-2023-48699HIGHfastbots Eval Injection vulnerabilityEPSS 0.7%CVE-2022-38193MEDIUMCode injection issue in Portal for ArcGIS (10.7.1 and 10.8.1)EPSS 0.7%CVE-2025-55728CRITICALXWiki Remote Macros vulnerable to remote code execution using the panel macroEPSS 0.7%CVE-2023-0090CRITICALProofpoint Enterprise Protection webservices unauthenticated RCEEPSS 0.7%CVE-2023-0089HIGHProofpoint Enterprise Protection webutils authenticated RCEEPSS 0.7%CVE-2026-4001CRITICALWoocommerce Custom Product Addons Pro <= 5.4.1 - Unauthenticated Remote Code Execution via Custom Pricing FormulaEPSS 0.7%CVE-2024-3562HIGHCustom Field Suite <= 2.6.7 - Authenticated (Contributor+) PHP Code Injection via Loop Custom FieldEPSS 0.6%