Weaknesses of type CWE-77

2,524 results
CVE-2025-66032HIGHClaude Code Command Validation Bypass Allows Arbitrary Code ExecutionEPSS 0.6%CVE-2025-41250HIGHHeader injection vulnerabilityEPSS 0.6%CVE-2022-45095MEDIUM Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having tEPSS 0.6%CVE-2025-56425CRITICALAn issue was discovered in the AppConnector component version 10.10.0.183 and earlier of enaio 10.10, in the AppConnector component version EPSS 0.6%CVE-2023-33298com.perimeter81.osx.HelperTool in Perimeter81 10.0.0.19 on macOS allows Local Privilege Escalation (to root) via shell metacharacters in usiEPSS 0.6%CVE-2026-4199MEDIUMbazinga012 mcp_code_executor index.ts installDependencies command injectionEPSS 0.6%CVE-2024-0005CRITICALA condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specificEPSS 0.6%CVE-2019-1893HIGHCisco Enterprise NFV Infrastructure Software Command Injection VulnerabilityEPSS 0.6%CVE-2026-24299MEDIUMM365 Copilot Information Disclosure VulnerabilityEPSS 0.6%CVE-2021-31357HIGHJunos OS Evolved: shell-injection vulnerabilities in evo_tcpdump UI wrapper scriptEPSS 0.6%CVE-2020-1980HIGHPAN-OS: Shell injection vulnerability in PAN-OS CLI allows execution of shell commandsEPSS 0.6%CVE-2023-26430LOWAttackers with access to user accounts can inject arbitrary control characters to SIEVE mail-filter rules. This could be abused to access SIEPSS 0.6%CVE-2021-31358HIGHJunos OS Evolved: shell-injection vulnerabilities in evo_sftp UI wrapper scriptEPSS 0.6%CVE-2026-30352CRITICALA remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execuEPSS 0.6%CVE-2025-23170MEDIUMThe Versa Director SD-WAN orchestration platform includes functionality to initiate SSH sessions to remote CPEs and the Director shell via SEPSS 0.6%CVE-2024-28041HIGHHGW BL1500HM Ver 002.001.013 and earlier allows a network-adjacent unauthenticated attacker to execute an arbitrary command.EPSS 0.6%CVE-2026-22864HIGHDeno has an incomplete fix for command-injection prevention on Windows — case-insensitive extension bypassEPSS 0.6%CVE-2025-64419CRITICALCoolify vulnerable to command injection via docker-compose.yaml parametersEPSS 0.6%CVE-2026-32183HIGHWindows Snipping Tool Remote Code Execution VulnerabilityEPSS 0.6%CVE-2020-3207MEDIUMCisco IOS XE Software Command Injection VulnerabilityEPSS 0.6%