Fallos del tipo CWE-78

3891 resultados
CVE-2026-29783HIGHGitHub Copilot CLI allows for dangerous shell expansion patterns that enable arbitrary command executionEPSS 0.4%CVE-2026-23882HIGHBlinko: Admin RCE - MCP Server Command InjectionEPSS 0.4%CVE-2024-38471MEDIUMMultiple TP-LINK products allow a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by restoring aEPSS 0.4%CVE-2023-28767HIGHThe configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX serieEPSS 0.4%CVE-2025-64106HIGHCursor: Speedbump Modal Bypass in MCP Server Deep-LinkEPSS 0.4%CVE-2026-48800HIGHNotepad++: Arbitrary Code Execution via shortcuts.xml UserCommand InjectionEPSS 0.4%CVE-2026-44055HIGHBitwise OR logic bug enables shell injectionEPSS 0.4%CVE-2026-42153HIGHCoolify: PostgreSQL Healthcheck Command Injection Allows Root Code Execution in ContainerEPSS 0.4%CVE-2026-42204HIGHCoolify: Authenticated RCE via SHELL_SAFE_COMMAND_PATTERN regression → host rootEPSS 0.4%CVE-2025-10239HIGHUnintended command execution via troubleshooting scripts in Progress FlowmonEPSS 0.4%CVE-2020-3417MEDIUMCisco IOS XE Software Arbitrary Code Execution VulnerabilityEPSS 0.4%CVE-2019-1732MEDIUMCisco NX-OS Software Remote Package Manager Command Injection VulnerabilityEPSS 0.4%CVE-2026-25722HIGHClaude Code Vulnerable to Command Injection via Directory Change Bypasses Write ProtectionEPSS 0.4%CVE-2026-33145MEDIUMxrdp: Authenticated RCE via unsanitized AlternateShell execution in xrdp-sesmanEPSS 0.4%CVE-2026-1345HIGHSecurity Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify AccessEPSS 0.4%CVE-2025-20193MEDIUMA vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attackerEPSS 0.4%CVE-2025-63408MEDIUMLocal Agent DVR versions thru 6.6.1.0 are vulnerable to directory traversal that allows an unauthenticated local attacker to gain access to EPSS 0.4%CVE-2026-34058HIGHCoolify: OS Command Injection via Unmanaged Container Operations - Remote Code ExecutionEPSS 0.4%CVE-2025-45378CRITICALDell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A Privileged user with known password can break into EPSS 0.3%CVE-2023-28805MEDIUMZCC on Linux privilege escalationEPSS 0.3%