Weaknesses of type CWE-78
3,891 resultsCVE-2022-33923MEDIUMDell PowerStore, versions prior to 3.0.0.0, contains an OS Command Injection vulnerability in PowerStore T environment. A locally authenticaEPSS 0.4%CVE-2025-70039CRITICALAn issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1EPSS 0.4%CVE-2026-45035CRITICALTabby: RCE via `tabby://run` URL SchemeEPSS 0.4%CVE-2026-4946HIGHNSA Ghidra Auto-Analysis Annotation Command ExecutionEPSS 0.4%CVE-2021-1370HIGHCisco IOS XR Software for Cisco 8000 Series Routers and Network Convergence System 540 Series Routers Privilege Escalation VulnerabilityEPSS 0.4%CVE-2025-58059CRITICALValtimo scripting engine can be used to gain access to sensitive data or resourcesEPSS 0.4%CVE-2020-3403MEDIUMCisco IOS XE Software Command Injection VulnerabilityEPSS 0.4%CVE-2020-3459MEDIUMCisco FXOS Software for Firepower 4100/9300 Series Command Injection VulnerabilityEPSS 0.4%CVE-2026-56004CRITICALobs-service-tar_scm: command injection via mercurial handlerEPSS 0.4%CVE-2023-20082MEDIUMCisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass VulnerabilityEPSS 0.4%CVE-2025-30076HIGHKoha before 24.11.02 allows admins to execute arbitrary commands via shell metacharacters in the tools/scheduler.pl report parameter.EPSS 0.4%CVE-2023-38588HIGHArcher C3150 firmware versions prior to 'Archer C3150(JP)_V2_230511' allows a network-adjacent authenticated attacker to execute arbitrary OEPSS 0.4%CVE-2026-5967HIGHTeamT5|ThreatSonar Anti-Ransomware - Privilege EscalationEPSS 0.4%CVE-2021-1452MEDIUMCisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection VulnerabilityEPSS 0.4%CVE-2026-34152HIGHCoolify: Command Injection via Newline in Pre/Post Deployment Commands (Heredoc Transport)EPSS 0.4%CVE-2026-45556CRITICALRoxy-WI: Authenticated arbitrary file write on every managed load balancer (and downstream RCE) via WAF rule save `config_file_name`EPSS 0.4%CVE-2023-34214HIGHSecond Order Command-injection Vulnerability in the Certificate-generation FunctionEPSS 0.4%CVE-2025-50974MEDIUMThe Calamaris log exporter CGI (/cgi-bin/logs.cgi/calamaris.dat) in IPFire 2.29 does not properly sanitize user-supplied input before incorpEPSS 0.4%CVE-2026-3820HIGHSupermicro BMC's SMTP service contains a command injection vulnerabilityEPSS 0.4%CVE-2026-40852HIGHCommand injection via malicious configurationEPSS 0.4%