Weaknesses of type CWE-77

2,524 results
CVE-2024-40445HIGHA directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary EPSS 0.6%CVE-2018-5412Imperva SecureSphere running v12.0.0.50 is vulnerable to local arbitrary code execution, escaping sealed-mode.EPSS 0.6%CVE-2024-34347HIGH@hoppscotch/cli affected by Sandbox Escape in @hoppscotch/js-sandbox leads to RCEEPSS 0.6%CVE-2026-30461HIGHDaylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the /controllers/InsEPSS 0.6%CVE-2025-65946HIGHRoo Code is Vulnerable to Potential Remote Code Execution via zsh Command Validation BugEPSS 0.6%CVE-2024-28729HIGHAn issue in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to execute arbitrary codEPSS 0.6%CVE-2024-48015MEDIUMDell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special ElementsEPSS 0.6%CVE-2025-46816CRITICALgoshs route not protected, allows command executionEPSS 0.6%CVE-2024-51260CRITICALDrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the EPSS 0.6%CVE-2021-38116HIGHPossible Command injection Vulnerability in OpenText iManagerEPSS 0.6%CVE-2023-40598HIGHCommand Injection in Splunk Enterprise Using External LookupsEPSS 0.6%CVE-2024-51300HIGHIn Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the geEPSS 0.6%CVE-2024-51299HIGHIn Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the duEPSS 0.6%CVE-2024-51304HIGHIn Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ldEPSS 0.6%CVE-2024-51296HIGHIn Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the piEPSS 0.6%CVE-2025-27211HIGHAn Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.10.4 and earlier) could allow a Command Injection by a malicious actor with acEPSS 0.6%CVE-2024-51301HIGHIn Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the paEPSS 0.6%CVE-2025-26331HIGHDell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. AEPSS 0.6%CVE-2025-66738HIGHAn issue in Yealink T21P_E2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the EPSS 0.6%CVE-2020-13712HIGHMGOS Command InjectionEPSS 0.6%