Falhas do tipo CWE-78

3.878 resultados
CVE-2026-35073MEDIUMDell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versionsEPSS 0.6%CVE-2026-31994MEDIUMOpenClaw < 2026.2.19 - Local Command Injection via Unsafe cmd Argument Handling in Windows Scheduled Task Script GenerationEPSS 0.6%CVE-2026-35074MEDIUMDell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versionsEPSS 0.6%CVE-2026-35072MEDIUMDell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versionsEPSS 0.6%CVE-2024-31479MEDIUMUnauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. SuccessfEPSS 0.6%CVE-2024-31481MEDIUMUnauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of EPSS 0.6%CVE-2024-31480MEDIUMUnauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of EPSS 0.6%CVE-2026-25855HIGHOpenBullet2 0.3.2 Authenticated RCE via FileProxySource Script UploadEPSS 0.6%CVE-2021-32475ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3EPSS 0.6%CVE-2026-25053CRITICALn8n is Vulnerable to OS Command Injection in Git NodeEPSS 0.6%CVE-2026-44168HIGHMariaDB: wsrep SST unsafe parameter handling on the donor sideEPSS 0.6%CVE-2025-66626HIGHargoproj/argo-workflows is vulnerable to RCE via ZipSlip and symbolic linksEPSS 0.6%CVE-2026-27602HIGHModoboa has an OS Command InjectionEPSS 0.6%CVE-2026-32191CRITICALMicrosoft Bing Images Remote Code Execution VulnerabilityEPSS 0.6%CVE-2024-43387HIGHPhoenix Contact: Access files due to improper neutralization of special elements in MGUARD devicesEPSS 0.6%CVE-2022-35717HIGH"IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending EPSS 0.6%CVE-2024-56808LOWMedia Streaming add-onEPSS 0.6%CVE-2026-35581HIGHEmissary has a Command Injection via PLACE_NAME Configuration in ExecutrixEPSS 0.6%CVE-2024-10653HIGHCHANGING Information Technology IDExpert - OS Command InjectionEPSS 0.6%CVE-2026-24887HIGHClaude Code has a Command Injection in find Command Bypasses User Approval PromptEPSS 0.6%