Fallos del tipo CWE-78
3891 resultadosCVE-2025-40582HIGHA vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed)EPSS 0.2%CVE-2025-54314LOWThor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because "the method that EPSS 0.2%CVE-2026-55895MEDIUMVim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filenameEPSS 0.2%CVE-2026-49260HIGHPhpWeasyPrint: shell command injection via configurable WeasyPrint binary path due to inverted is_executable() guard (mirror of KnpLabs/snappy GHSA-vpr4-p6fq-85jc)EPSS 0.2%CVE-2026-44712HIGHpam_usb: Shell injection via device UUID and username in pamusb-conf and pamusb-agentEPSS 0.2%CVE-2026-46643HIGHSnappy: Binary path is never shell-escaped due to an inverted is_executable checkEPSS 0.2%CVE-2026-44709HIGHpam_usb: PINENTRY_FALLBACK_APP environment variable allows arbitrary command executionEPSS 0.2%CVE-2026-43990HIGHJunoClaw: plugin-shell shell-metacharacter injection via shell wrapperEPSS 0.2%CVE-2026-25933MEDIUMArduino App Lab has Improper Data Validation in Internal Terminal InterfaceEPSS 0.2%CVE-2025-6183HIGHConfigd InjectionEPSS 0.2%CVE-2025-6181HIGHThe StrongDM Windows service incorrectly handled input validation. Authenticated attackers could potentially exploit this leading to privileEPSS 0.1%CVE-2025-20213MEDIUMCisco Catalyst SDWAN Manager Arbitrary File Overwrite VulnerabilityEPSS 0.1%CVE-2026-31996LOWOpenClaw < 2026.2.19 - safeBins stdin-only bypass via sort output and recursive grep flagsEPSS 0.1%CVE-2026-55798MEDIUMPillow: WindowsViewer.get_command() OS command injection via unescaped shell pathEPSS 0.1%CVE-2026-41421HIGHSiYuan Desktop Notification XSS Leads to Electron RCEEPSS 0.1%CVE-2026-20008MEDIUMCisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Lua Code Injection VulnerabilityEPSS 0.1%CVE-2026-42290HIGHprotobufjs-cli: OS Command InjectionEPSS 0.1%CVE-2026-45036HIGHTabby auto-confirms ZMODEM detection on terminal output, leading to shell command execution from displayed file content under fish, bash, and zshEPSS 0.1%CVE-2026-44076MEDIUMShell injection via volume pathEPSS 0.1%CVE-2026-49219MEDIUMImageMagick: Policy Bypass can read disallowed filesEPSS 0.1%