Weaknesses of type CWE-78

3,878 results
CVE-2009-20011CRITICALContentKeeper Web Appliance < 125.10 RCE via mimencodeEPSS 1.3%CVE-2021-34362HIGHCommand Injection Vulnerability in Media Streaming Add-onEPSS 1.3%CVE-2026-1428HIGHWellChoose|Single Sign-On Portal System - OS Command InjectionEPSS 1.3%CVE-2025-68459HIGHRG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. EPSS 1.3%CVE-2022-50691CRITICALMiniDVBLinux 5.4 Remote Root Command Execution via commands.shEPSS 1.3%CVE-2026-53479HIGHDell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1EPSS 1.3%CVE-2025-58062HIGHLSTM-Kirigaya's openmcp-client Vulnerable to RCE in MCP Authorization FlowEPSS 1.3%CVE-2025-5277CRITICALaws-mcp-server MCP server is vulnerable to command injection. An attacker can craft a prompt that once accessed by the MCP client will run aEPSS 1.3%CVE-2025-57799HIGHStreamVault can perform remote command executionEPSS 1.3%CVE-2026-0785HIGHALGO 8180 IP Audio Alerter API Command Injection Remote Code Execution VulnerabilityEPSS 1.3%CVE-2024-12829HIGHArista NG Firewall ExecManagerImpl Command Injection Remote Code Execution VulnerabilityEPSS 1.3%CVE-2024-22423HIGHyt-dlp `--exec` command injection when using `%q` in yt-dlp on WindowsEPSS 1.3%CVE-2026-0757HIGHMCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape VulnerabilityEPSS 1.3%CVE-2025-8613HIGHVacron Camera ping Command Injection Remote Code Execution VulnerabilityEPSS 1.3%CVE-2026-34793HIGHEndian Firewall /cgi-bin/logs_firewall.cgi DATE Perl Command InjectionEPSS 1.2%CVE-2025-62354CRITICALImproper neutralization of special elements used in an OS command ('command injection') in Cursor allows an unauthorized attacker to executeEPSS 1.2%CVE-2026-34797HIGHEndian Firewall /cgi-bin/logs_smtp.cgi DATE Perl Command InjectionEPSS 1.2%CVE-2024-53700MEDIUMQHoraEPSS 1.2%CVE-2023-21413CRITICALRemote code execution vulnerability during the installation of ACAP applications on the Axis deviceEPSS 1.2%CVE-2024-21532HIGHAll versions of the package ggit are vulnerable to Command Injection via the fetchTags(branch) API, which allows user input to specify the bEPSS 1.2%