Falhas do tipo CWE-78

3.870 resultados
CVE-2026-21267HIGHDreamweaver Desktop | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)EPSS 0.7%CVE-2026-45152HIGHuniget: Command Injection in tool.Check Leading to Arbitrary Code ExecutionEPSS 0.7%CVE-2024-46890CRITICALA vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate inpEPSS 0.7%CVE-2025-24480CRITICALFactoryTalk® View Machine Editon - Remote Code ExecutionEPSS 0.7%CVE-2024-20458HIGHCisco ATA 190 Series Analog Telephone Adapter Software VulnerabilitiesEPSS 0.7%CVE-2023-3333Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG18EPSS 0.7%CVE-2023-20017MEDIUMMultiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary coEPSS 0.7%CVE-2023-20013MEDIUMMultiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary coEPSS 0.7%CVE-2023-42122HIGHControl Web Panel wloggui Command Injection Local Privilege Escalation VulnerabilityEPSS 0.7%CVE-2019-3595LOWDLP Endpoint ePO extension not sanitizing CSV exportsEPSS 0.7%CVE-2024-5227HIGHTP-Link Omada ER605 PPTP VPN username Command Injection Remote Code Execution VulnerabilityEPSS 0.7%CVE-2025-53623HIGHJob Iteration API is vulnerable to OS Command Injection attack through its CsvEnumerator classEPSS 0.7%CVE-2025-57283HIGHThe Node.js package browserstack-local 1.5.8 contains a command injection vulnerability. This occurs because the logfile variable is not proEPSS 0.7%CVE-2024-20358MEDIUMA vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco FirepEPSS 0.7%CVE-2026-55743CRITICALOpenHuman desktop agent shell tool sandbox bypass leads to arbitrary command executionEPSS 0.7%CVE-2026-31246MEDIUMGPT-Pilot thru commit 0819827ce20346ef5f25b3fe29293cb448840565 (2025-09-03) contains a command injection vulnerability (CWE-78) in the ExecuEPSS 0.7%CVE-2021-0219MEDIUMJunos OS: Command injection vulnerability in 'request system software' CLI commandEPSS 0.7%CVE-2024-29167HIGHSVR-116 firmware version 1.6.0.30028871 allows a remote authenticated attacker with an administrative privilege to execute arbitrary OS commEPSS 0.7%CVE-2023-33238HIGHCommand-injection Vulnerability in Certificate ManagementEPSS 0.7%CVE-2025-57771HIGHRoo-Code potential remote code execution via auto-execute command parsing flawEPSS 0.7%