Weaknesses of type CWE-78
3,891 resultsCVE-2023-40357HIGHMultiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are aEPSS 0.4%CVE-2024-48954MEDIUMAn issue was discovered in Logpoint before 7.5.0. Unvalidated input during the EventHub Collector setup by an authenticated user leads to ReEPSS 0.4%CVE-2026-59734HIGHCoolify: OS Command Injection in Health Check Configuration Allows Remote Code ExecutionEPSS 0.4%CVE-2025-36245HIGHIBM InfoSphere Information Server command executionEPSS 0.4%CVE-2026-27965HIGHVitess users with backup storage access can gain unauthorized access to production deployment environmentsEPSS 0.4%CVE-2026-20206MEDIUMCisco ThousandEyes BrowserBot Command Injection VulnerabilityEPSS 0.4%CVE-2020-12774HIGHD-Link DSL-7740C - Command InjectionEPSS 0.4%CVE-2025-58370HIGHRoo Code: Potential Remote Code Execution via Bash Parameter Expansion and Indirect ReferenceEPSS 0.4%CVE-2019-1883HIGHCisco Integrated Management Controller CLI Command Injection VulnerabilityEPSS 0.4%CVE-2024-27920HIGHUnsigned code template execution through workflows in projectdiscovery/nucleiEPSS 0.4%CVE-2026-11834HIGHUnauthenticated Command Injection via DHCP Option Handling in Multiple TP-Link RoutersEPSS 0.4%CVE-2025-53868HIGHBIG-IP SCP and SFTP vulnerabilityEPSS 0.4%CVE-2025-47782HIGHmotionEye vulnerable to RCE in add_camera Function Due to unsafe command executionEPSS 0.4%CVE-2022-35642MEDIUM"IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScriptEPSS 0.4%CVE-2022-35849HIGHAn improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiADC 7.1.0 thEPSS 0.4%CVE-2019-15986MEDIUMCisco Unity Express Command Injection VulnerabilityEPSS 0.4%CVE-2025-64755HIGH@anthropic-ai/claude-code has Sed Command Validation Bypass that Allows Arbitrary File WritesEPSS 0.4%CVE-2026-34034HIGHCoolify: Host RCE via Sentinel token injectionEPSS 0.4%CVE-2026-34153HIGHCoolify LocalFileVolume fs_path command injection enables RCEEPSS 0.4%CVE-2026-34168HIGHCoolify: Command injection via unsanitized persistent storage name in docker volume commandsEPSS 0.4%