Fallos del tipo CWE-78

3888 resultados
CVE-2026-39938CRITICALCacti: Unauthenticated RCE on Graph ImageEPSS 0.4%CVE-2026-42143HIGHCoolify: OS Command Injection via Persistent Volume Names - Root RCE on Managed ServersEPSS 0.4%CVE-2025-30099HIGHDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 releasEPSS 0.4%CVE-2026-29607HIGHOpenClaw < 2026.2.22 - Authorization Bypass via allow-always Wrapper PersistenceEPSS 0.4%CVE-2025-55284HIGHClaude Code's Permissive Default Allowlist Enables Unauthorized File Read and Network Exfiltration in Claude CodeEPSS 0.4%CVE-2024-48963HIGHThe package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. The vulnerability can be triggeEPSS 0.4%CVE-2025-54469CRITICALNeuVector Enforcer is vulnerable to Command Injection and Buffer overflowEPSS 0.4%CVE-2025-20319MEDIUMRemote Command Execution through Scripted Input Files in Splunk EnterpriseEPSS 0.4%CVE-2024-48964HIGHThe package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project. The vulnerability can be triEPSS 0.4%CVE-2022-36926HIGHLocal Privilege Escalation in Zoom Rooms for macOS ClientsEPSS 0.4%CVE-2026-42853MEDIUM@apostrophecms/cli: Command Injection in apos create via Unsanitized Password InputEPSS 0.4%CVE-2026-33310HIGHIntake has a Command Injection via shell() Expansion in Parameter DefaultsEPSS 0.4%CVE-2026-27113MEDIUMLiquid Prompt arbitrary command injection via crafted Git branch names in gitstatusd backendEPSS 0.4%CVE-2025-23344HIGHThe NVIDIA NVDebug tool contains a vulnerability that may allow an actor to run code on the platform host as a non-privileged user. A succesEPSS 0.4%CVE-2022-35976MEDIUMImproper KubeConfig handling allows arbitrary code executionEPSS 0.4%CVE-2026-49190CRITICALMissing Per-Instruction Authorization ChecksEPSS 0.4%CVE-2025-5459HIGHOS Command InjectionEPSS 0.4%CVE-2019-12717MEDIUMCisco NX-OS Software Virtualization Manager Command Injection VulnerabilityEPSS 0.4%CVE-2024-54025MEDIUMAn improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiIsolatEPSS 0.4%CVE-2025-66572MEDIUMLoaded Commerce 6.6 Client-Side Template Injection (CSTI)EPSS 0.4%