Falhas do tipo CWE-78

3.885 resultados
CVE-2021-21503HIGHPowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command. The Compadmin user could potentially explEPSS 0.3%CVE-2021-1441MEDIUMCisco IOS XE Software Hardware Initialization Routines Arbitrary Code Execution VulnerabilityEPSS 0.3%CVE-2026-26982MEDIUMGhostty affected by arbitrary command execution via control characters in paste and drag-and-drop operationsEPSS 0.3%CVE-2025-67738HIGHsquid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache ManagerEPSS 0.3%CVE-2021-35028HIGHA command injection vulnerability in the CGI program of the Zyxel VPN2S firmware version 1.12 could allow an authenticated, local user to exEPSS 0.3%CVE-2026-42994HIGHBitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had embedded malicious code. This is related to EPSS 0.3%CVE-2026-45255HIGHRemote code execution via installer Wi-Fi access point scansEPSS 0.3%CVE-2026-45564HIGHRoxy-WI: Authenticated RCE via 'configver' URL parameter (os.system sink in /config/versions/.../save)EPSS 0.3%CVE-2026-32948MEDIUMsbt: Source dependency feature (via crafted VCS URL) leads to arbitrary code execution on WindowsEPSS 0.3%CVE-2025-24938HIGHInsufficient Validation of Input while user creationEPSS 0.3%CVE-2021-34728HIGHCisco IOS XR Software Authenticated User Privilege Escalation VulnerabilitiesEPSS 0.3%CVE-2024-47918MEDIUMTiki Wiki CMS – CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)EPSS 0.3%CVE-2026-44666CRITICALHRConvert2: Missing Sanitization enables Unauthenticated Remote Command ExecutionEPSS 0.3%CVE-2026-30309HIGHInfCode's terminal auto-execution module contains a critical command filtering vulnerability that renders its blacklist security mechanism cEPSS 0.3%CVE-2026-44465HIGHZed: Zed IDE Arbitrary Code Execution via untrusted repository with poisoned .git/configEPSS 0.3%CVE-2021-1529HIGHCisco IOS XE SD-WAN Software Command Injection VulnerabilityEPSS 0.3%CVE-2026-44932HIGHindirect remote shell command injection via unsanitized DHCP options in wickedEPSS 0.3%CVE-2025-36354HIGHIBM Security Verify Access command executionEPSS 0.3%CVE-2026-12161HIGHImproper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user witEPSS 0.3%CVE-2021-3459MEDIUMA privilege escalation vulnerability was reported in the MM1000 device configuration web server, which could allow privileged shell access aEPSS 0.3%