Fallos del tipo CWE-78

3890 resultados
CVE-2026-56004CRITICALobs-service-tar_scm: command injection via mercurial handlerEPSS 0.4%CVE-2023-20082MEDIUMCisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass VulnerabilityEPSS 0.4%CVE-2025-30076HIGHKoha before 24.11.02 allows admins to execute arbitrary commands via shell metacharacters in the tools/scheduler.pl report parameter.EPSS 0.4%CVE-2023-38588HIGHArcher C3150 firmware versions prior to 'Archer C3150(JP)_V2_230511' allows a network-adjacent authenticated attacker to execute arbitrary OEPSS 0.4%CVE-2026-34152HIGHCoolify: Command Injection via Newline in Pre/Post Deployment Commands (Heredoc Transport)EPSS 0.4%CVE-2021-1452MEDIUMCisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection VulnerabilityEPSS 0.4%CVE-2026-5967HIGHTeamT5|ThreatSonar Anti-Ransomware - Privilege EscalationEPSS 0.4%CVE-2026-45556CRITICALRoxy-WI: Authenticated arbitrary file write on every managed load balancer (and downstream RCE) via WAF rule save `config_file_name`EPSS 0.4%CVE-2023-34214HIGHSecond Order Command-injection Vulnerability in the Certificate-generation FunctionEPSS 0.4%CVE-2025-50974MEDIUMThe Calamaris log exporter CGI (/cgi-bin/logs.cgi/calamaris.dat) in IPFire 2.29 does not properly sanitize user-supplied input before incorpEPSS 0.4%CVE-2026-44444CRITICALLumiverse: Spindle extension install runs untrusted lifecycle scripts before security scanEPSS 0.4%CVE-2023-40253MEDIUMImproper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNEPSS 0.4%CVE-2024-10896MEDIUMLogo Slider < 4.5.0 - Contributor+ Stored XSSEPSS 0.4%CVE-2026-40852HIGHCommand injection via malicious configurationEPSS 0.4%CVE-2026-27635HIGHManyfold vulnerable to OS command injection via ZIP filename in f3d renderEPSS 0.4%CVE-2026-3820HIGHSupermicro BMC's SMTP service contains a command injection vulnerabilityEPSS 0.4%CVE-2025-3189MEDIUMStored Cross-Site Scripting (XSS) in DoWISPEPSS 0.4%CVE-2019-1725MEDIUMCisco UCS B-Series Blade Servers Local Management CLI Arbitrary File Creation or CLI Parameter Injection VulnerabilityEPSS 0.4%CVE-2026-46618MEDIUMFission builder accepts arbitrary buildcmd strings from Environment.spec.builder.command, allowing the builder pod to invoke arbitrary executablesEPSS 0.4%CVE-2026-29783HIGHGitHub Copilot CLI allows for dangerous shell expansion patterns that enable arbitrary command executionEPSS 0.4%