Weaknesses of type CWE-78
3,885 resultsCVE-2023-21410HIGHNon-sanitized user input could lead to arbitrary code execution in AXIS License Plate VerifierEPSS 0.7%CVE-2026-27613CRITICALCGI Parameter Injection (Bypass of STRICT_CGI_PARAMS and EscapeShellParam)EPSS 0.7%CVE-2026-48997HIGHe107: Command Injection via shell expansion in ImageMagick resize destination pathEPSS 0.7%CVE-2025-45379HIGHDell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection from coEPSS 0.7%CVE-2023-37032HIGHA Stack-based buffer overflow in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5EPSS 0.7%CVE-2024-43402HIGHRust OS Command Injection/Argument Injection vulnerabilityEPSS 0.7%CVE-2026-36827MEDIUMA command injection vulnerability exists in Panabit PAP-XM320 up to and including V7.7. The web management interface invokes the backend helEPSS 0.7%CVE-2024-43386HIGHPhoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in mGuard devices.EPSS 0.7%CVE-2024-43385HIGHPhoenix Contact: OS command execution through PROXY_HTTP_PORT in mGuard devicesEPSS 0.7%CVE-2023-20231HIGHA vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against EPSS 0.7%CVE-2024-2415HIGHCommand injection vulnerability in Movistar 4G routerEPSS 0.7%CVE-2011-10007HIGHFile::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when `grep()` encounters a crafted file nameEPSS 0.7%CVE-2024-0401HIGHASUS OVPN RCEEPSS 0.7%CVE-2023-32622—Improper neutralization of special elements in WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privEPSS 0.7%CVE-2023-49254HIGHCommand injection in the network test toolsEPSS 0.7%CVE-2023-23694MEDIUM
Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attackEPSS 0.7%CVE-2026-5485HIGHOS command injection in Amazon Athena ODBC driver on LinuxEPSS 0.7%CVE-2026-40032HIGHUAC < 3.3.0-rc1 Command Injection via Placeholder SubstitutionEPSS 0.7%CVE-2022-1362MEDIUMCambium Networks cnMaestro OS Command InjectionEPSS 0.7%CVE-2026-8652HIGHAn OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, EPSS 0.7%