Falhas do tipo CWE-78

3.870 resultados
CVE-2025-3882HIGHeCharge Hardy Barth cPH2 nwcheckexec.php dest Command Injection Remote Code Execution VulnerabilityEPSS 0.8%CVE-2025-3883HIGHeCharge Hardy Barth cPH2 index.php Command Injection Remote Code Execution VulnerabilityEPSS 0.8%CVE-2025-3881HIGHeCharge Hardy Barth cPH2 check_req.php ntp Command Injection Remote Code Execution VulnerabilityEPSS 0.8%CVE-2023-3572CRITICALPHOENIX CONTACT: OS Command Injection in WP 6xxx Web panelsEPSS 0.8%CVE-2021-26115HIGHAn OS command injection (CWE-78) vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may allow a local, authenticated aEPSS 0.8%CVE-2020-3367MEDIUMCisco Secure Web Appliance Privilege Escalation VulnerabilityEPSS 0.8%CVE-2024-41585MEDIUMDrayTek Vigor3910 devices through 4.3.2.6 are affected by an OS command injection vulnerability that allows an attacker to leverage the recvEPSS 0.8%CVE-2017-6707A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 SerieEPSS 0.8%CVE-2026-27938HIGHWPGraphQL Repo Vulnerable to Command Injection via Unsanitized GitHub Actions Expression in Release WorkflowEPSS 0.8%CVE-2024-56137MEDIUMMaxKB RCE vulnerability in function libraryEPSS 0.8%CVE-2024-51252HIGHIn Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the reEPSS 0.8%CVE-2021-3726HIGHOS Command Injection in ohmyzsh/ohmyzshEPSS 0.8%CVE-2025-8654HIGHKenwood DMX958XR ReadMVGImage Command Injection Remote Code Execution VulnerabilityEPSS 0.8%CVE-2022-0764MEDIUMArbitrary Command Injection in strapi/strapiEPSS 0.8%CVE-2026-33046HIGHIndico discloses local files resulting in Remote Code Execution through LaTeX injectionEPSS 0.8%CVE-2024-51245HIGHIn DrayTek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the reEPSS 0.8%CVE-2025-3705MEDIUMOS Command Injection via USB Config LoadEPSS 0.8%CVE-2024-42029MEDIUMxdg-desktop-portal-hyprland (aka an XDG Desktop Portal backend for Hyprland) before 1.3.3 allows OS command execution, e.g., because single EPSS 0.8%CVE-2026-3964MEDIUMOpenAkita Chat API Endpoint shell.py run os command injectionEPSS 0.8%CVE-2024-38889CRITICALAn issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker tEPSS 0.8%