Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-94

CWE-94

Medium likelihood

Improper Control of Generation of Code ('Code Injection')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

6,510 vulnerabilities with CWE-94

CVE-2023-45144 CRITICAL

XWiki OAuth Identity < 1.6 - Remote Code Execution via OAuth Login Parameter Injection

CVE-2023-29453 CRITICAL

Zabbix Agent2 5.0.0-5.0.34 - JavaScript Injection via Backtick Delimiter Mishandling

CVE-2023-43661 HIGH

Cachet < 2.4 - Remote Code Execution via Template Injection

CVE-2023-36789 HIGH

Skype for Business Server - Remote Code Execution

CVE-2023-36718 HIGH

Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Remote Code Execution in Virtual Trusted Platform Module

CVE-2023-36702 HIGH

Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Remote Code Execution via DirectMusic

CVE-2023-36592 HIGH

Windows 10/11 and Windows Server - Remote Code Execution in MSMQ

CVE-2023-36591 HIGH

Windows 10, 11, Server 2008-2019 - Remote Code Execution in MSMQ

CVE-2023-36589 HIGH

Windows 10/11 and Windows Server - Remote Code Execution in MSMQ

CVE-2023-36575 HIGH

Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Remote Code Execution in MSMQ

CVE-2023-36574 HIGH

Microsoft Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Remote Code Execution in Message Queuing

CVE-2023-36573 HIGH

Microsoft Windows MSMQ - Remote Code Execution

CVE-2023-36572 HIGH

Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Remote Code Execution in MSMQ

CVE-2023-36571 HIGH

Microsoft Windows 10/11 and Windows Server 2008-2022 - Remote Code Execution in MSMQ

CVE-2023-36570 HIGH

Microsoft Windows 10/11 and Windows Server - Remote Code Execution in Message Queuing

CVE-2023-43625 CRITICAL

Simcenter Amesim < 2021.1 - Unauthenticated DLL Injection via SOAP Endpoint

CVE-2023-44847 HIGH

SeaCMS < 12.8 - Remote Code Execution via admin_Weixin.php

CVE-2023-44846 HIGH

SeaCMS < 12.8 - Remote Code Execution via admin_notify.php

CVE-2023-44392 HIGH

Garden < 0.12.65 - Remote Code Execution via Cryo Deserialization in Test/Run Result ConfigMaps

CVE-2023-45311 CRITICAL

fsevents < 1.2.11 - Remote Code Execution via Untrusted Binary Download URL

CVE-2023-35897 HIGH

IBM Spectrum Protect Client & Storage Protect - Local RCE

CVE-2023-3665 MEDIUM

Trellix Endpoint Security < 10.7.0 - Local Code Injection via Environment Variable Manipulation

CVE-2023-3656 CRITICAL

cashit! < 03.a06rks_2023.02.37 - Unauthenticated Remote Code Execution via HTTP Endpoint

CVE-2023-44011 CRITICAL

mojoportal 2.7.0.0 - Remote Code Execution via Skin Management Layout.master File

CVE-2023-5201 CRITICAL

OpenHook <= 4.3.0 - Authenticated Remote Code Execution via PHP Shortcode

Previous Page 128 of 261 Next

Details

Vulnerabilities 6,510

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy