Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-94

CWE-94

Medium likelihood

Improper Control of Generation of Code ('Code Injection')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

6,474 vulnerabilities with CWE-94

CVE-2025-67038 CRITICAL

Lantronix EDS5000 2.1.0.0R3 - Command Injection

CVE-2025-67037 HIGH

Lantronix EDS5000 2.1.0.0R3 - Command Injection

CVE-2025-67036 HIGH

Lantronix EDS5000 2.1.0.0R3 - Command Injection

CVE-2025-67035 CRITICAL

Lantronix EDS5000 2.1.0.0R3 - Command Injection

CVE-2025-67034 HIGH

Lantronix EDS5000 2.1.0.0R3 - Command Injection

CVE-2025-70995 HIGH

Aranda Service Desk 8.6 - Authenticated RCE

CVE-2025-70341 HIGH

App-Auto-Patch 3.4.2 - Privilege Escalation

CVE-2025-59059 CRITICAL

Apache Ranger <= 2.7.0 - Remote Code Execution via NashornScriptEngineCreator

CVE-2025-9120 HIGH

OpenText Carbonite Safe Server Backup <6.8.3 - Code Injection

CVE-2025-70328 HIGH

TOTOLINK X6000R v9.4.0cu.1498_B20250826 - Command Injection

CVE-2025-15583 LOW

detronetdip E-commerce 1.0.0 - Cross-Site Scripting via get_safe_value Function

CVE-2025-67979 CRITICAL

WPForms Google Sheet Connector <=4.0.1 - Code Injection

CVE-2025-52744 HIGH

Inpersttion For Theme <=1.0 - Code Injection

CVE-2025-71243 CRITICAL

SPIP Saisies 5.4.0-5.11.0 - Remote Code Execution

CVE-2025-14009 CRITICAL

nltk < 3.9.3 - Remote Code Execution via Malicious Zip Package Extraction

CVE-2025-61982 HIGH

OpenCFD OpenFOAM 2506 - Code Injection

CVE-2025-33251 HIGH

NVIDIA NeMo < 2.6.1 - Remote Code Execution

CVE-2025-33250 HIGH

NVIDIA NeMo < 2.6.1 - Remote Code Execution

CVE-2025-33240 HIGH

NVIDIA Megatron Bridge - Code Injection

CVE-2025-33239 HIGH

NVIDIA Megatron Bridge - Code Injection

CVE-2025-33236 HIGH

NVIDIA NeMo Framework - Code Injection

CVE-2025-70830 CRITICAL

Datart 1.0.0-rc.3 - Authenticated Remote Code Execution via Freemarker Template Injection in SQL Script Field

CVE-2025-65716 HIGH

Visual Studio Code Extensions Markdown Preview Enhanced <0.8.18 - RCE

CVE-2025-65715 HIGH

Visual Studio Code Code Runner 0.12.2 - Crafted Workspace Code Execution

CVE-2025-33042 HIGH

Apache Avro Java SDK <1.12.1-1.11.5 - Code Injection

Previous Page 33 of 259 Next

Details

Vulnerabilities 6,474

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy