Falhas do tipo CWE-78

3.869 resultados
CVE-2024-20277MEDIUMA vulnerability in the web-based management interface of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allEPSS 0.8%CVE-2022-45899MEDIUMNokia Broadcast Message Center (BMC) before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metaEPSS 0.8%CVE-2024-51021HIGHNetgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a command injection vulnerability via the wan_gEPSS 0.8%CVE-2026-34935CRITICALPraisonAI: OS Command Injection in MCPHandler.parse_mcp_command()EPSS 0.8%CVE-2023-49235CRITICALAn issue was discovered in libremote_dbg.so on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Filtering of debug information is mishandled durinEPSS 0.8%CVE-2019-16639CRITICALAn issue was found on the Ruijie EG-2000 series gateway. There is a newcli.php API interface without access control, which can allow an attaEPSS 0.8%CVE-2023-46117CRITICALInadequate validation of retrieved subdomains may lead to a Remote Code Execution in reconFTWEPSS 0.8%CVE-2025-26389CRITICALA vulnerability has been identified in OZW672 (All versions < V8.0), OZW772 (All versions < V8.0). The web service in affected devices does EPSS 0.8%CVE-2026-34234CRITICALCtrlPanel: Unauthenticated RCE using installer scriptEPSS 0.8%CVE-2026-0709HIGHSome Hikvision Wireless Access Points are vulnerable to authenticated command execution due to insufficient input validation. Attackers withEPSS 0.8%CVE-2025-54084HIGHCalix Gigacenter ONT - Command InjectionEPSS 0.8%CVE-2026-38615CRITICALDedeCMS V5.7.118 is vulnerable to Command Execution in file_manage_control.php.EPSS 0.8%CVE-2026-35463HIGHpyLoad has Improper Neutralization of Special Elements used in an OS CommandEPSS 0.8%CVE-2024-21906MEDIUMQTS, QuTS heroEPSS 0.8%CVE-2023-28627HIGHOS Command Injection via GIT_PATH in pymedusaEPSS 0.8%CVE-2026-5603MEDIUMelgentos magento2-dev-mcp index.ts executeMagerun2Command os command injectionEPSS 0.8%CVE-2024-6091CRITICALShell Command Denylist Bypass in significant-gravitas/autogptEPSS 0.8%CVE-2026-5602MEDIUMNor2-io heim-mcp new_heim_application tools.ts registerTools os command injectionEPSS 0.8%CVE-2023-28726HIGHPanasonic AiSEG2 versions 2.80F through 2.93A allows remote attackers to execute arbitrary OS commands.EPSS 0.8%CVE-2026-7246HIGHPallets Click contains a command injection via Unsanitized Filename "click.edit()"EPSS 0.8%