Weaknesses of type CWE-77
2,516 resultsCVE-2024-3116HIGHRemote Code Execution Vulnerability through the validate binary path API in pgAdmin 4EPSS 64.8%CVE-2024-4883CRITICALWhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution VulnerabilityEPSS 64.8%CVE-2024-9380HIGHAn OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker witEPSS 63.0%KEVCVE-2022-41800HIGHAppliance mode iControl REST vulnerabilityEPSS 62.4%CVE-2023-31446CRITICALIn Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. TEPSS 61.1%CVE-2016-20017CRITICALD-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli parameter, as exploited in the wilEPSS 60.4%KEVCVE-2024-12971HIGHQuickShell Authenticated Command InjectionEPSS 59.4%CVE-2022-2143CRITICALAdvantech iViewEPSS 59.2%CVE-2023-28425MEDIUMSpecially crafted MSETNX command can lead to denial-of-serviceEPSS 55.0%CVE-2019-16012MEDIUMCisco SD-WAN Solution vManage SQL Injection VulnerabilityEPSS 54.2%CVE-2023-20118MEDIUMA vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers EPSS 53.8%KEVCVE-2025-4443MEDIUMD-Link DIR-605L sub_454F2C command injectionEPSS 53.8%CVE-2019-0541HIGHA remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code ExEPSS 53.2%KEVCVE-2020-25079HIGHAn issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. cgi-bin/ddns_enc.cgi allows authenticaEPSS 52.7%KEVCVE-2025-1338MEDIUMNUUO Camera handle_config.php print_file command injectionEPSS 51.9%CVE-2025-9528MEDIUMLinksys E1700 systemCommand os command injectionEPSS 50.1%CVE-2025-47188MEDIUMA vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones through 6.4 SP4 (R6.4.0.4006), and the 6970 Conference UnEPSS 48.5%CVE-2023-33919HIGHA vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05).EPSS 47.7%CVE-2025-54782CRITICAL@nestjs/devtools-integration's CSRF to Sandbox Escape Allows for RCE against JS DevelopersEPSS 46.2%CVE-2022-45701HIGHArris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature.EPSS 45.3%