Weaknesses of type CWE-77

2,524 results
CVE-2024-22545HIGHAn issue was discovered in TRENDnet TEW-824DRU version 1.04b01, allows unauthenticated attackers to execute arbitrary code via the system.ntEPSS 0.5%CVE-2025-29157MEDIUMAn issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via accessing a non-existent endpoint/cart, the server returEPSS 0.5%CVE-2025-40937HIGHA vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected application do not properly validate input paraEPSS 0.5%CVE-2018-0481Cisco IOS XE Software Command Injection VulnerabilitiesEPSS 0.5%CVE-2018-0477Cisco IOS XE Software Command Injection VulnerabilitiesEPSS 0.5%CVE-2026-47240MEDIUMNet::IMAP: Command Injection via non-synchronizing literal in "raw" argumentEPSS 0.5%CVE-2024-4578HIGHPrivilege escalation in Arista Wireless Access PointsEPSS 0.5%CVE-2024-23971HIGHChargePoint Home Flex OCPP bswitch Command InjectionEPSS 0.5%CVE-2024-44570HIGHRELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the getParams function in phpinf.php.EPSS 0.5%CVE-2019-1606MEDIUMCisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1606)EPSS 0.5%CVE-2026-12045CRITICALpgAdmin 4: AI Assistant read-only transaction bypass allows unauthorised writes and remote code executionEPSS 0.5%CVE-2025-54131MEDIUMCursor bypasses its allow list to execute arbitrary commandsEPSS 0.5%CVE-2023-42136HIGHPAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow the execution of arbitrary commands witEPSS 0.5%CVE-2025-59818CRITICALAuthenticated Remote Code Execution via the file name of an uploaded fileEPSS 0.5%CVE-2024-48139HIGHA prompt injection vulnerability in the chatbox of Blackbox AI v1.3.95 allows attackers to access and exfiltrate all previous and subsequentEPSS 0.5%CVE-2023-5752MEDIUMMercurial configuration injectable in repo revision when installing via pipEPSS 0.5%CVE-2018-0347A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could allow an authenticated, local attacker to EPSS 0.5%CVE-2019-1923MEDIUMCisco Small Business SPA500 Series IP Phones Local Command Execution VulnerabilityEPSS 0.5%CVE-2026-30617HIGHLangChain-ChatChat 0.3.1 contains a remote code execution vulnerability in its MCP STDIO server configuration and execution handling. A remoEPSS 0.5%CVE-2018-0351A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbiEPSS 0.5%