Weaknesses of type CWE-77

2,524 results
CVE-2025-32702HIGHVisual Studio Remote Code Execution VulnerabilityEPSS 0.5%CVE-2022-37704MEDIUMAmanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /EPSS 0.5%CVE-2026-23779MEDIUMDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release verEPSS 0.5%CVE-2024-38817MEDIUMVMware NSX contains a command injection vulnerability.  A malicious actor with access to the NSX Edge CLI terminal may be able to craft malEPSS 0.5%CVE-2025-59252CRITICALM365 Copilot Information Disclosure VulnerabilityEPSS 0.5%CVE-2025-59286CRITICALCopilot Information Disclosure VulnerabilityEPSS 0.5%CVE-2024-52011HIGHlaunch-editor vulnerable to command injection via the crafted request on WindowsEPSS 0.5%CVE-2025-9161HIGHRockwell Automation FactoryTalk Optix Remote Code Execution VulnerabilityEPSS 0.5%CVE-2021-38120MEDIUMRemote Code Execution using Bash command Injection in backup scheduling functionality in NetIQ Advance AuthenticationEPSS 0.5%CVE-2025-59272CRITICALCopilot Information Disclosure VulnerabilityEPSS 0.5%CVE-2024-32884MEDIUMgix-transport indirect code execution via malicious usernameEPSS 0.5%CVE-2025-52995HIGHFile Browser vulnerable to command execution allowlist bypassEPSS 0.5%CVE-2026-30310CRITICALIn its design for automatic terminal command execution, Sixth offers two options: Execute safe commands and Execute all commands. The descriEPSS 0.5%CVE-2019-1791MEDIUMCisco NX-OS Software Command Injection VulnerabilityEPSS 0.5%CVE-2019-1623MEDIUMCisco Meeting Server CLI Command Injection VulnerabilityEPSS 0.5%CVE-2025-67436MEDIUMAuthenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows an attacker with administrator panel access to inject a malicious PHP EPSS 0.5%CVE-2026-42827MEDIUMM365 Copilot Information Disclosure VulnerabilityEPSS 0.5%CVE-2025-24861HIGHOutback Power Mojave Inverter Command InjectionEPSS 0.5%CVE-2025-29509HIGHJan v0.5.14 and before is vulnerable to remote code execution (RCE) when the user clicks on a rendered link in the conversation, due to openEPSS 0.5%CVE-2019-17148HIGHThis vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop version 14EPSS 0.5%