Weaknesses of type CWE-78
3,885 resultsCVE-2024-4301HIGHN-Reporter and N-Cloud from N-Partner - Os Command InjectionEPSS 1.1%CVE-2024-0166HIGH
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_tcpdump utility. An authenticated attacker couEPSS 1.1%CVE-2024-36394CRITICALSysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')EPSS 1.1%CVE-2024-8278HIGHA privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perfEPSS 1.1%CVE-2024-8279HIGHA privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perfEPSS 1.1%CVE-2024-48890MEDIUMAn improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiSOAR IMAP conneEPSS 1.1%CVE-2024-20483HIGHCisco IOS XR PON Controller Command Injection VulnerabilitiesEPSS 1.1%CVE-2026-12104HIGHAuthenticated OS Command Injection in BondixEPSS 1.1%CVE-2023-40479HIGHNETGEAR RAX30 UPnP Command Injection Remote Code Execution VulnerabilityEPSS 1.1%CVE-2023-40480HIGHNETGEAR RAX30 DHCP Server Command Injection Remote Code Execution VulnerabilityEPSS 1.1%CVE-2023-38319CRITICALAn issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the configuration file, allowing attackers that EPSS 1.1%CVE-2025-37172HIGHAuthenticated Command Injection Vulnerabilities in AOS-8 Web-Based Management InterfaceEPSS 1.1%CVE-2025-66576HIGHRemote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE)EPSS 1.1%CVE-2023-38318CRITICALAn issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers EPSS 1.1%CVE-2025-60017HIGHUnitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the hostapd_restart.sh wifi_ssid or wifi_pass parEPSS 1.1%CVE-2026-49815HIGHDell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1EPSS 1.1%CVE-2023-38323CRITICALAn issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the status path script entry in the configuration file, allowing attaEPSS 1.1%CVE-2023-38317CRITICALAn issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing EPSS 1.1%CVE-2025-65199HIGHWindscribe for Linux 'changeMTU' local privilege escalationEPSS 1.1%CVE-2025-61591HIGHCursor CLI's Cursor Agent MCP OAuth2 Communication is Vulnerable to Remote Code ExecutionEPSS 1.1%