Falhas do tipo CWE-77

2.525 resultados
CVE-2021-38116HIGHPossible Command injection Vulnerability in OpenText iManagerEPSS 0.6%CVE-2024-51260CRITICALDrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the EPSS 0.6%CVE-2026-30461HIGHDaylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the /controllers/InsEPSS 0.6%CVE-2023-40598HIGHCommand Injection in Splunk Enterprise Using External LookupsEPSS 0.6%CVE-2024-51299HIGHIn Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the duEPSS 0.6%CVE-2024-51296HIGHIn Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the piEPSS 0.6%CVE-2024-51301HIGHIn Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the paEPSS 0.6%CVE-2024-51300HIGHIn Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the geEPSS 0.6%CVE-2024-51304HIGHIn Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ldEPSS 0.6%CVE-2025-26331HIGHDell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. AEPSS 0.6%CVE-2020-13712HIGHMGOS Command InjectionEPSS 0.6%CVE-2025-67728CRITICALFireshare Public Uploads feature is vulnerable to OS Command Injection (RCE)EPSS 0.6%CVE-2024-42348CRITICALFOG leaks sensitive information (AD domain, username and password)EPSS 0.6%CVE-2024-42360CRITICALCommand Injection in sequenceserverEPSS 0.6%CVE-2025-27211HIGHAn Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.10.4 and earlier) could allow a Command Injection by a malicious actor with acEPSS 0.6%CVE-2025-66738HIGHAn issue in Yealink T21P_E2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the EPSS 0.6%CVE-2025-57164MEDIUMFlowise through v3.0.4 is vulnerable to remote code execution via unsanitized evaluation of user input in the "Supabase RPC Filter" field.EPSS 0.6%CVE-2026-31175CRITICALAn issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stunEnaEPSS 0.6%CVE-2026-23652CRITICALMicrosoft Power Pages Remote Code Execution VulnerabilityEPSS 0.6%CVE-2025-55283CRITICALaiven-db-migrate allows Privilege Escalation through use of psql during migrationEPSS 0.6%