Weaknesses of type CWE-78
3,891 resultsCVE-2023-2625CRITICALA vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, haviEPSS 0.5%CVE-2025-70828HIGHAn issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configurationEPSS 0.5%CVE-2024-3798HIGHInsecure handling of GET argument in PhonieboxEPSS 0.5%CVE-2025-43943MEDIUMDell Cloud Disaster Recovery, version(s) prior to 19.20, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OEPSS 0.5%CVE-2026-28470CRITICALOpenClaw < 2026.2.2 - Exec Allowlist Bypass via Command Substitution in Double QuotesEPSS 0.5%CVE-2025-43884HIGHDell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper Neutralization of Special Elements used in an OS EPSS 0.5%CVE-2025-36607HIGHDell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker couEPSS 0.5%CVE-2023-3313HIGH
An OS common injection vulnerability exists in the ESM certificate API, whereby incorrectly neutralized special elements may have allowed aEPSS 0.5%CVE-2025-68700HIGHRAGFlow Remote Code Execution VulnerabilityEPSS 0.5%CVE-2025-64109HIGHCursor CLI Beta: Command Injection via Untrusted MCP ConfigurationEPSS 0.5%CVE-2022-1513HIGHA potential vulnerability was reported in Lenovo PCManager prior to version 5.0.10.4191 that may allow code execution when visiting a speciaEPSS 0.5%CVE-2026-48787HIGHgin-vue-admin vulnerable to RCEEPSS 0.5%CVE-2026-34982HIGHVim modeline bypass via various options affects Vim < 9.2.0276EPSS 0.5%CVE-2023-28617HIGHorg-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file namEPSS 0.5%CVE-2026-20266CRITICALOS Command Injection in the btool Configuration Helper in Splunk AI ToolkitEPSS 0.5%CVE-2026-44723MEDIUMVowpal Wabbit: Shell injection via crafted PR title in python_checks.yml allows arbitrary command execution on CI runnerEPSS 0.5%CVE-2024-20469MEDIUMCisco Identity Services Engine Command Injection VulnerabilityEPSS 0.5%CVE-2024-48891MEDIUMAn Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiSOAR 7.6.0 throEPSS 0.5%CVE-2023-43069HIGH
Dell SmartFabric Storage Software v1.4 (and earlier) contain(s) an OS Command Injection Vulnerability in the CLI. An authenticated local atEPSS 0.5%CVE-2025-20161MEDIUMCisco NX-OS Software Command Injection VulnerabilityEPSS 0.5%