Weaknesses of type CWE-77
2,525 resultsCVE-2024-20326HIGHA vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, loEPSS 0.3%CVE-2025-70093HIGHAn issue in OpenSourcePOS v3.4.1 allows attackers to execute arbitrary code via returning a crafted AJAX response.EPSS 0.3%CVE-2025-61584CRITICALserverless-dns is vulnerable to Command Injection through pr.yml GitHub Action WorkflowEPSS 0.3%CVE-2024-7110MEDIUMImproper Neutralization of Special Elements used in a Command ('Command Injection') in GitLabEPSS 0.3%CVE-2025-14031HIGHIBM Sterling B2B Integrator and IBM Sterling File Gateway Denial of ServiceEPSS 0.3%CVE-2022-40746HIGHIBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 could allow a local authenticated attacker to execute arbitrary code on EPSS 0.3%CVE-2022-47028MEDIUMAn issue discovered in Action Launcher for Android v50.5 allows an attacker to cause a denial of service via arbitary data injection to funcEPSS 0.3%CVE-2025-60268MEDIUMAn arbitrary file upload vulnerability exists in JeeWMS 20250820, which is caused by the lack of file checking in the saveFiles function in EPSS 0.3%CVE-2025-25768MEDIUMMRCMS v3.1.2 was discovered to contain a server-side template injection (SSTI) vulnerability in the component \servlet\DispatcherServlet.javEPSS 0.3%CVE-2026-22601HIGHOpenProject is Vulnerable to Code Execution in E-Mail functionEPSS 0.3%CVE-2026-54090HIGHFile Browser: Command Allowlist Bypass via Shell Metacharacter InjectionEPSS 0.3%CVE-2025-46176MEDIUMHardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary EPSS 0.3%CVE-2022-25619LOWAuthenticated Command Injection to RCEEPSS 0.3%CVE-2025-45326MEDIUMAn issue in PocketVJ CP PocketVJ-CP-v3 pvj 3.9.1 allows remote attackers to execute arbitrary code via the submit_size.php component.EPSS 0.3%CVE-2025-64671HIGHGitHub Copilot for Jetbrains Remote Code Execution VulnerabilityEPSS 0.3%CVE-2024-21117MEDIUMVulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions thatEPSS 0.3%CVE-2026-44257CRITICALefw4.X: RCE via zipslipEPSS 0.3%CVE-2026-24685CRITICALOpenProject has Argument Injection on Repository module that allows Arbitrary File WriteEPSS 0.3%CVE-2024-56084HIGHAn issue was discovered in Logpoint UniversalNormalizer before 5.7.0. Authenticated users can inject payloads while creating Universal NormaEPSS 0.3%CVE-2025-25504MEDIUMAn issue in the /usr/local/bin/jncs.sh script of Gefen WebFWC (In AV over IP products) v1.85h, v1.86v, and v1.70 allows attackers with netwoEPSS 0.3%