Weaknesses of type CWE-77

2,525 results
CVE-2026-27001HIGHOpenClaw: Unsanitized CWD path injection into LLM promptsEPSS 0.2%CVE-2025-67508HIGHgardenctl is vulnerable to Command Injection when used with non‑POSIX shellsEPSS 0.2%CVE-2023-20121MEDIUMCisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection VulnerabilitiesEPSS 0.2%CVE-2023-20122MEDIUMCisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection VulnerabilitiesEPSS 0.2%CVE-2025-6522MEDIUMTrendMakers Sight Bulb Pro Command InjectionEPSS 0.2%CVE-2026-34259HIGHOS Command Injection Vulnerability in SAP Forecasting & ReplenishmentEPSS 0.2%CVE-2023-36642MEDIUMAn improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiTester 3.0.0EPSS 0.2%CVE-2024-33469HIGHAn issue in Team Amaze Amaze File Manager v.3.8.5 and fixed in v.3.10 allows a local attacker to execute arbitrary code via the onCreate metEPSS 0.2%CVE-2024-27763MEDIUMXPixelGroup BasicSR through 1.4.2 might locally allow code execution in contrived situations where "scontrol show hostname" is executed in tEPSS 0.2%CVE-2024-57695HIGHAn issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842) allows a local attacker to execute arbitrary code vEPSS 0.2%CVE-2025-54564HIGHuploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2 decompression, which allows command execution EPSS 0.2%CVE-2025-41721LOWSauter: Command InjectionEPSS 0.2%CVE-2025-20117MEDIUMCisco Application Policy Infrastructure Controller Authenticated Command Injection VulnerabilityEPSS 0.2%CVE-2024-46062HIGHMiniconda3 macOS installers before 23.11.0-1 contain a local privilege escalation vulnerability when installed outside the user's home direcEPSS 0.2%CVE-2024-46060HIGHAnaconda3 macOS installers before 2024.06-1 contain a local privilege escalation vulnerability when installed outside the user's home directEPSS 0.2%CVE-2026-21709MEDIUMA vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement.EPSS 0.2%CVE-2025-33249HIGHNVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attackEPSS 0.2%CVE-2025-56814HIGHA code injection vulnerability in the wxExecute() function of OpenCPN v5.12.0 allows attackers to execute arbitrary code via embedding shellEPSS 0.2%CVE-2025-27233MEDIUMZabbix Agent 2 smartctl plugin argument injection in Zabbix 6.0 and later.EPSS 0.2%CVE-2025-24333MEDIUMAdministrative user shell input validation faultEPSS 0.2%