Weaknesses of type CWE-77

2,524 results
CVE-2025-48492HIGHGetSimple CMS RCE in Edit componentEPSS 0.8%CVE-2025-33180HIGHNVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could inject a command. A EPSS 0.8%CVE-2024-9145HIGHLocal command injection in Wiz Code Visual Studio Code extensionEPSS 0.8%CVE-2024-48861HIGHQHoraEPSS 0.8%CVE-2024-49560HIGHDell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a command injection vulnerability. A low priviEPSS 0.8%CVE-2023-49565HIGHRemote Code ExecutionEPSS 0.8%CVE-2024-24551HIGHBludit - Remote Code Execution (RCE) through Image APIEPSS 0.8%CVE-2024-41135HIGHAuthenticated Remote Code Execution in HPE Aruba Networking EdgeConnect SD-WAN Command Line InterfaceEPSS 0.8%CVE-2024-41133HIGHAuthenticated Remote Code Execution in HPE Aruba Networking EdgeConnect SD-WAN Command Line InterfaceEPSS 0.8%CVE-2018-19013An attacker could inject commands to delete files and/or delete the contents of a file on CX-Supervisor (Versions 3.42 and prior) through a EPSS 0.8%CVE-2020-29547MEDIUMAn issue was discovered in Citadel through webcit-926. Meddler-in-the-middle attackers can pipeline commands after POP3 STLS, IMAP STARTTLS,EPSS 0.8%CVE-2025-23239HIGHBIG-IP iControl REST vulnerabilityEPSS 0.8%CVE-2024-13871CRITICALUnauthenticated Command Injection in Bitdefender BOX v1EPSS 0.8%CVE-2024-28136HIGHPHOENIX CONTACT: command injection gains root privileges using the OCPP remote serviceEPSS 0.8%CVE-2026-23947CRITICALOrval MCP client is vulnerable to code injection via unsanitized x-enum-descriptions in enum generationEPSS 0.8%CVE-2024-48746CRITICALAn issue in Lens Visual integration with Power BI v.4.0.0.3 allows a remote attacker to execute arbitrary code via the Natural language procEPSS 0.7%CVE-2024-7679HIGHImproper neutralization special element in hyperlinksEPSS 0.7%CVE-2025-25605MEDIUMTotolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the apcli_wps_gen_pincode function in mtkwifi.lua.EPSS 0.7%CVE-2025-29230HIGHLinksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.emailReg function. The vulnerability can EPSS 0.7%CVE-2024-51771HIGHAuthenticated Remote Code Execution (RCE) via OGNL Injection in HPE Aruba Networking ClearPass Web-Based Management InterfaceEPSS 0.7%