CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,536 vulnerabilities with CWE-94
CVE-2015-4726
AudioShare 2.0.2 - Remote File Inclusion via config['basedir'] Parameter
CVE-2015-4338
XCloner 3.1.2 - Authenticated PHP Code Injection via Translation Language Field
CVE-2015-0935
Bomgar Remote Support < 14.3.2 - Remote Code Execution via PHP Deserialization
CVE-2015-2945
mt-phpincgi <2015-05-15 - Code Injection
CVE-2015-1699
Microsoft Windows - Remote Code Execution via Crafted Journal File
CVE-2015-1698
Microsoft Windows - Remote Code Execution via Crafted Journal File
CVE-2015-1697
Microsoft Windows - Remote Code Execution via Crafted Journal File
CVE-2015-1696
Microsoft Windows - Remote Code Execution via Crafted Journal File
CVE-2015-1695
Microsoft Windows - Remote Code Execution via Crafted Journal File
CVE-2015-1675
Microsoft Windows - Remote Code Execution via Crafted Journal File
CVE-2015-3446
AlienVault Unified Security Management <4.15 - RCE
CVE-2015-1399
Magento CE/EE <1.9.1.0-1.14.1.0 - RCE
CVE-2015-0845
Sixapart Movabletype < 5.2.11 - Code Injection
CVE-2015-1645
Microsoft Windows - Remote Code Execution via Crafted EMF Image
CVE-2015-1635
CRITICAL
KEV
MS15-034 HTTP Protocol Stack Request Handling Denial-of-Service
CVSS 9.8
CVE-2015-2171
Slim < 2.6.0 - Remote Code Execution via Session Cookie Deserialization
CVE-2015-0279
JBoss RichFaces 4.0.0-4.5.3 - Remote Code Execution via EL Expression Injection
CVE-2015-0898
futomi MP Form Mail CGI < 2.0.12 - Remote Code Execution
CVE-2015-1061
Apple tvOS < 7.0.3 - Remote Code Execution via IOSurface Type Confusion
CVE-2015-0093
Microsoft Windows Adobe Font Driver - Remote Code Execution via Crafted File
CVE-2015-0092
Microsoft Windows Adobe Font Driver - Remote Code Execution via Crafted Website or File
CVE-2015-0091
Microsoft Windows Adobe Font Driver - Remote Code Execution via Crafted File
CVE-2015-0090
Microsoft Windows Adobe Font Driver - Remote Code Execution via Crafted File
CVE-2015-0088
Microsoft Windows - Remote Code Execution via Adobe Font Driver
CVE-2015-1597
Siemens SPCanywhere - Code Injection
Details
Vulnerabilities
6,536
Exploit Likelihood
Medium