Falhas do tipo CWE-78

3.848 resultados
CVE-2024-48890MEDIUMAn improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiSOAR IMAP conneEPSS 1.1%CVE-2024-20483HIGHCisco IOS XR PON Controller Command Injection VulnerabilitiesEPSS 1.1%CVE-2023-40479HIGHNETGEAR RAX30 UPnP Command Injection Remote Code Execution VulnerabilityEPSS 1.1%CVE-2023-40480HIGHNETGEAR RAX30 DHCP Server Command Injection Remote Code Execution VulnerabilityEPSS 1.1%CVE-2023-38323CRITICALAn issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the status path script entry in the configuration file, allowing attaEPSS 1.1%CVE-2025-37172HIGHAuthenticated Command Injection Vulnerabilities in AOS-8 Web-Based Management InterfaceEPSS 1.1%CVE-2023-38318CRITICALAn issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers EPSS 1.1%CVE-2026-49815HIGHDell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1EPSS 1.1%CVE-2023-38317CRITICALAn issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing EPSS 1.1%CVE-2023-38319CRITICALAn issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the configuration file, allowing attackers that EPSS 1.1%CVE-2025-66576HIGHRemote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE)EPSS 1.1%CVE-2025-60017HIGHUnitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the hostapd_restart.sh wifi_ssid or wifi_pass parEPSS 1.1%CVE-2025-65199HIGHWindscribe for Linux 'changeMTU' local privilege escalationEPSS 1.1%CVE-2024-23812HIGHA vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application incorrectly neutralizes special elementEPSS 1.1%CVE-2025-61591HIGHCursor CLI's Cursor Agent MCP OAuth2 Communication is Vulnerable to Remote Code ExecutionEPSS 1.1%CVE-2024-11983HIGHBillion Electric router - OS Command InjectionEPSS 1.1%CVE-2022-25916HIGHVersions of the package mt7688-wiscan before 0.8.3 are vulnerable to Command Injection due to improper input sanitization in the 'wiscan.scaEPSS 1.1%CVE-2026-34594HIGHCoolify: Authenticated Remote Code Execution via Command Injection in Destination Network ManagementEPSS 1.1%CVE-2024-35304CRITICALSystem command injection through Netflow functionEPSS 1.1%CVE-2023-32976MEDIUMContainer StationEPSS 1.1%