Weaknesses of type CWE-78
3,891 resultsCVE-2024-32118MEDIUMMultiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet ForEPSS 0.6%CVE-2026-33414MEDIUMPowerShell Command Injection in Podman HyperV MachineEPSS 0.6%CVE-2024-45720HIGHApache Subversion: Command line argument injection on Windows platformsEPSS 0.6%CVE-2026-42846CRITICALClipBucket: Remote Play URL Command InjectionEPSS 0.6%CVE-2022-42433MEDIUMThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N TL-WR841N(US)_EPSS 0.6%CVE-2023-37249—Infoblox NIOS through 8.5.1 has a faulty component that accepts malicious input without sanitization, resulting in shell access.EPSS 0.6%CVE-2023-44277HIGH
Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in EPSS 0.6%CVE-2025-0356HIGHNEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier allows a attacker to execute arbitrary OS commands vEPSS 0.6%CVE-2018-0185—Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commandEPSS 0.6%CVE-2018-0193—Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commandEPSS 0.6%CVE-2018-0182—Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commandEPSS 0.6%CVE-2018-0194—Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commandEPSS 0.6%CVE-2025-37126HIGHAuthenticated Remote Code Execution in HPE Aruba Networking EdgeConnect SD-WAN Gateways Command Line InterfaceEPSS 0.6%CVE-2026-22277HIGHDell UnityVSA, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command InjectEPSS 0.6%CVE-2026-31177CRITICALAn issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stunMinEPSS 0.6%CVE-2026-21418HIGHDell Unity, version(s) 5.5.2 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command InjectiEPSS 0.6%CVE-2025-43942HIGHDell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command InjectionEPSS 0.6%CVE-2024-13087LOWQHoraEPSS 0.6%CVE-2025-0680CRITICALNew Rock Technologies Cloud Connected Devices has a Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability.EPSS 0.6%CVE-2025-43939HIGHDell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command InjectionEPSS 0.6%