Weaknesses of type CWE-77

2,525 results
CVE-2025-6945LOWImproper Neutralization of Special Elements used in a Command ('Command Injection') in GitLabEPSS 0.2%CVE-2024-9773LOWImproper Neutralization of Special Elements used in a Command ('Command Injection') in GitLabEPSS 0.2%CVE-2023-20097MEDIUMCisco Access Point Software Command Injection VulnerabilityEPSS 0.2%CVE-2023-33806HIGHInsecure default configurations in Hikvision Interactive Tablet DS-D5B86RB/B V2.3.0 build220119, allows attackers to execute arbitrary commaEPSS 0.2%CVE-2026-40061HIGHiControl REST and tmsh vulnerabilityEPSS 0.2%CVE-2025-55824MEDIUMModStartCMS v9.5.0 has an arbitrary file write vulnerability, which allows attackers to write malicious files and execute malicious commandsEPSS 0.2%CVE-2026-40698HIGHiControl REST and TMSH vulnerabilityEPSS 0.2%CVE-2025-59817HIGHAuthenticated Remote Code Execution in zForm_auto_configEPSS 0.2%CVE-2025-70296MEDIUMA stored HTML injection vulnerability in the Recipe Notes rendering component in Mealie 3.3.1 allows remote authenticated users to inject arEPSS 0.2%CVE-2026-45628CRITICALDokploy: Command Injection via Unescaped Branch Fields in Deployment PipelineEPSS 0.2%CVE-2025-25791MEDIUMAn arbitrary file upload vulnerability in the plugin installation feature of YZNCMS v2.0.1 allows attackers to execute arbitrary code via upEPSS 0.2%CVE-2025-52687LOWJavaScript Injection Vulnerability in the OmniAccess Stellar Web Management InterfaceEPSS 0.2%CVE-2024-8402LOWImproper Neutralization of Special Elements used in a Command ('Command Injection') in GitLabEPSS 0.2%CVE-2025-43858CRITICALYoutubeDLSharp allows command injection on windows system due to non sanitized argumentsEPSS 0.2%CVE-2025-54393MEDIUMNetwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtEPSS 0.2%CVE-2023-40396HIGHThe issue was addressed with improved memory handling. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17. AnEPSS 0.2%CVE-2024-40070MEDIUMSourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload vulnerability via id_generator/classes/UserEPSS 0.2%CVE-2025-1910MEDIUMWatchGuard Mobile VPN with SSL Local Privilege Escalation via Update PackageEPSS 0.2%CVE-2025-66715MEDIUMA DLL hijacking vulnerability in Axtion ODISSAAS ODIS v1.8.4 allows attackers to execute arbitrary code via a crafted DLL file.EPSS 0.2%CVE-2026-20169MEDIUMCisco IoT Field Network Director Command Injection VulnerabilityEPSS 0.2%