Weaknesses of type CWE-78

3,878 results
CVE-2023-41346HIGHASUS RT-AX55 - command injection - 2EPSS 1.2%CVE-2026-8217MEDIUMIndustrial Application Software IAS Canias ERP RMI Runtime.getRuntime.exec os command injectionEPSS 1.2%CVE-2024-34210HIGHTOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the CloudACMunualUpdate funEPSS 1.2%CVE-2026-30314CRITICALRidvay Code's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanEPSS 1.2%CVE-2025-14204MEDIUMTykoDev cherry-studio-TykoFork OAuth Server Discovery oauth-authorization-server redirectToAuthorization os command injectionEPSS 1.2%CVE-2026-27487HIGHOpenClaw: Prevent shell injection in macOS keychain credential writeEPSS 1.2%CVE-2025-62193CRITICALNOAA PMEL Live Access Server (LAS) PyFerret command injectionEPSS 1.2%CVE-2025-29040CRITICALAn issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737cEPSS 1.2%CVE-2025-60957CRITICALOS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers tEPSS 1.2%CVE-2025-29041CRITICALAn issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710cEPSS 1.2%CVE-2023-4033HIGHOS Command Injection in mlflow/mlflowEPSS 1.2%CVE-2026-0273MEDIUMPAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UIEPSS 1.2%CVE-2024-57014HIGHTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "recHour" parameter in setScEPSS 1.2%CVE-2024-43655CRITICALAny authenticated users can execute OS commands as root using the <redacted>.sh CGI script.EPSS 1.2%CVE-2025-36529HIGHAn OS command injection issue exists in multiple versions of TB-eye network recorders and AHD recorders. If this vulnerability is exploited,EPSS 1.2%CVE-2026-26943HIGHDell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13EPSS 1.2%CVE-2026-24506HIGHDell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13EPSS 1.2%CVE-2026-9717HIGHCWE-78 Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could allow unauthorized EPSS 1.2%CVE-2023-47220MEDIUMMedia Streaming add-onEPSS 1.2%CVE-2026-58455CRITICALDockwatch 0.6.567 Unauthenticated OS Command Injection via ajax/compose.phpEPSS 1.2%