Weaknesses of type CWE-77

2,524 results
CVE-2024-32283HIGHTenda FH1203 V2.0.1.6 firmware has a command injection vulnerablility in formexeCommand function via the cmdinput parameter.EPSS 0.9%CVE-2025-22962HIGHA critical remote code execution (RCE) vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmittersEPSS 0.9%CVE-2024-20365MEDIUMCisco Integrated Management Controller Redfish Command Injection VulnerabilityEPSS 0.9%CVE-2025-2983MEDIUMLegrand SMS PowerView os command injectionEPSS 0.9%CVE-2026-20761HIGHEnOcean SmartServer IoT Command InjectionEPSS 0.9%CVE-2021-31356HIGHJunos OS Evolved: Multiple shell-injection vulnerabilities in EVO UI wrapper scriptsEPSS 0.9%CVE-2022-36769HIGHIBM Cloud Pak for Data file uploadEPSS 0.9%CVE-2026-45663CRITICALDokploy: Remote Code Execution via destinationPath in Container File UploadEPSS 0.9%CVE-2024-39577HIGHDell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Improper Neutralization of Special Elements useEPSS 0.9%CVE-2024-52308HIGHConnecting to a malicious Codespaces via GH CLI could allow command execution on the user's computerEPSS 0.9%CVE-2025-29887HIGHQuRouter 2.5EPSS 0.9%CVE-2024-42636HIGHDedeCMS V5.7.115 has a command execution vulnerability via file_manage_view.php?fmdo=newfile&activepath.EPSS 0.9%CVE-2022-36786CRITICALDLINK - DSL-224 Post-auth RCE.EPSS 0.9%CVE-2026-8210MEDIUMaandrew-me tgpt Update helper.go helper.Update command injectionEPSS 0.9%CVE-2023-6071HIGH An Improper Neutralization of Special Elements used in a command vulnerability in ESM prior to version 11.6.9 allows a remote administratorEPSS 0.9%CVE-2025-55319HIGHAgentic AI and Visual Studio Code Remote Code Execution VulnerabilityEPSS 0.8%CVE-2026-9277CRITICALshell-quote `quote()` does not validate object-token shapes, allowing command injection via line terminators in `.op`EPSS 0.8%CVE-2020-15685HIGHDuring the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted sEPSS 0.8%CVE-2023-28110MEDIUMJumpServer Koko vulnerable to Command Injection for Kubernetes Connection EPSS 0.8%CVE-2025-61489MEDIUMA command injection vulnerability in the shell_exec function of sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary commands viaEPSS 0.8%