Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2025-65037
CRITICAL CVSS 10.0
Find Similar
Improper control of generation of code ('code injection') in Azure Container Apps allows an unauthorized attacker to execute code over a network.
Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network.
Improper control of generation of code ('code injection') in Azure Monitor Agent allows an unauthorized attacker to execute code over an adjacent network.
Improper control of generation of code ('code injection') in Microsoft Data Formulator allows an unauthorized attacker to execute code over a network.
CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited co
CVE-2026-42898
CRITICAL CVSS 9.9
Find Similar
Improper control of generation of code ('code injection') in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to execute code over a network.
CVE-2026-42833
CRITICAL CVSS 9.1
Find Similar
Improper control of generation of code ('code injection') in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to execute code over a network.
CVE-2025-49704
HIGH CVSS 8.8 KEV
Find Similar
Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Improper control of generation of code ('code injection') in Microsoft Exchange Server allows an unauthorized attacker to execute code over a network.
A Local Code Injection Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect default permissions and allows for DLLs to be executed with higher level perm
CVE-2025-62023
CRITICAL CVSS 9.0
Find Similar
Improper Control of Generation of Code ('Code Injection') vulnerability in Cristián Lávaque s2Member s2member.This issue affects s2Member: from n/a through <= 250905.
CVE-2024-45480
CRITICAL CVSS 9.2
Find Similar
An improper control of generation of code ('Code Injection') vulnerability in the AprolCreateReport component of B&R APROL <4.4-00P5 may allow an unauthenticated network-based attacker to read files f
A code injection vulnerability can allow a low-privileged user to overwrite files on that VSPC server, which can lead to remote code execution on VSPC server.
Improper Control of Generation of Code ('Code Injection') vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows Code Injection.This issue affects MapSVG: from n/a through <= 8.6
A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enabling unauthorized code execution.
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally.
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code over a network.
Improper Control of Generation of Code ('Code Injection') vulnerability in Beplusthemes Alone alone allows Remote Code Inclusion.This issue affects Alone: from n/a through <= 7.8.2.
CVE-2025-55319
CRITICAL CVSS 9.8
Find Similar
Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute code over a network.
Page 1+ Next →