Falhas do tipo CWE-78
3.878 resultadosCVE-2020-1734HIGHA flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() wiEPSS 0.4%CVE-2022-41751HIGHJhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 oEPSS 0.4%CVE-2025-11571LOWCommand Execution vulnerability in Simplicity InstallerEPSS 0.4%CVE-2025-40947HIGHA vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEEPSS 0.4%CVE-2024-4696HIGHA privilege escalation vulnerability was reported in Lenovo Service Bridge prior to version 5.0.2.17 that could allow operating system commaEPSS 0.4%CVE-2025-15559CRITICALUnauthenticated OS Command Injection in NesterSoft WorkTimeEPSS 0.4%CVE-2026-28460MEDIUMOpenClaw < 2026.2.22 - Allowlist Bypass via Shell Line-Continuation Command Substitution in system.runEPSS 0.4%CVE-2020-3173HIGHCisco UCS Manager Software Local Management CLI Command Injection VulnerabilityEPSS 0.4%CVE-2025-30097MEDIUMDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 releasEPSS 0.4%CVE-2025-30096MEDIUMDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 releasEPSS 0.4%CVE-2025-30098MEDIUMDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 releasEPSS 0.4%CVE-2026-45558CRITICALRoxy-WI: Authenticated RCE on every managed HAProxy load balancer via `option` field config injection in section saveEPSS 0.4%CVE-2026-31862CRITICALCloud CLI has Command Injection via Multiple ParametersEPSS 0.4%CVE-2026-54699HIGHWarp: OS command injection when opening terminal links from WSLEPSS 0.4%CVE-2026-39938CRITICALCacti: Unauthenticated RCE on Graph ImageEPSS 0.4%CVE-2026-42143HIGHCoolify: OS Command Injection via Persistent Volume Names - Root RCE on Managed ServersEPSS 0.4%CVE-2025-30099HIGHDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 releasEPSS 0.4%CVE-2026-29607HIGHOpenClaw < 2026.2.22 - Authorization Bypass via allow-always Wrapper PersistenceEPSS 0.4%CVE-2025-55284HIGHClaude Code's Permissive Default Allowlist Enables Unauthorized File Read and Network Exfiltration in Claude CodeEPSS 0.4%CVE-2024-48964HIGHThe package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project. The vulnerability can be triEPSS 0.4%