Weaknesses of type CWE-77
2,524 resultsCVE-2024-57212MEDIUMTOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the opmode parameter in the action_rebEPSS 0.7%CVE-2026-23653MEDIUMGitHub Copilot and Visual Studio Code Information Disclosure VulnerabilityEPSS 0.7%CVE-2023-21805HIGHWindows MSHTML Platform Remote Code Execution VulnerabilityEPSS 0.7%CVE-2025-62222HIGHAgentic AI and Visual Studio Code Remote Code Execution VulnerabilityEPSS 0.7%CVE-2025-0593HIGHSICK Lector8xx and InspectorP8xx vulnerable for code executionEPSS 0.7%CVE-2024-27818HIGHThe issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS EPSS 0.7%CVE-2025-45800CRITICALTOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a command execution vulnerability in the setDeviceName interface of the /lib/cste_modules/gEPSS 0.7%CVE-2025-50722CRITICALInsecure Permissions vulnerability in sparkshop v.1.1.7 allows a remote attacker to execute arbitrary code via the Common.php componentEPSS 0.7%CVE-2025-29227MEDIUMIn Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function EPSS 0.7%CVE-2025-23119HIGHAn Improper Neutralization of Escape Sequences vulnerability could allow an Authentication Bypass with a Remote Code Execution (RCE) by a maEPSS 0.7%CVE-2021-32692CRITICALActivity Watch vulnerable to command execution on macOS via printAppTitle.scptEPSS 0.7%CVE-2022-4009HIGHIn affected versions of Octopus Deploy it is possible for a user to introduce code via offline package creationEPSS 0.7%CVE-2024-1417HIGHLocal Code Injection Vulnerability in AuthPoint Password Manager App for macOS SafariEPSS 0.7%CVE-2023-47268MEDIUMIn libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host wheEPSS 0.7%CVE-2023-47104CRITICALtinyfiledialogs (aka tiny file dialogs) before 3.15.0 allows shell metacharacters (such as a backquote or a dollar sign) in titles, messagesEPSS 0.7%CVE-2026-20096MEDIUMCisco Integrated Management Controller Command Injection VulnerabilityEPSS 0.7%CVE-2025-29223MEDIUMLinksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the pt parameter in the traceRoute function.EPSS 0.7%CVE-2025-29226MEDIUMIn Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function EPSS 0.7%CVE-2021-1382MEDIUMCisco IOS XE SD-WAN Software Command Injection VulnerabilityEPSS 0.7%CVE-2025-64093CRITICALUnauthenticated Remote Code Execution via the device hostnameEPSS 0.7%