Weaknesses of type CWE-77

2,524 results
CVE-2023-4310BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injection vulnerability whicEPSS 1.4%CVE-2025-2916MEDIUMAishida Call Center System amr2mp3 command injectionEPSS 1.4%CVE-2025-2733MEDIUMmannaandpoem OpenManus Prompt python_execute.py os command injectionEPSS 1.4%CVE-2026-2548MEDIUMWAYOS FBM-220G rc sub_40F820 command injectionEPSS 1.4%CVE-2024-24897HIGHRemote command execution in A-Tune-CollectorEPSS 1.4%CVE-2026-21520HIGHCopilot Studio Information Disclosure VulnerabilityEPSS 1.4%CVE-2024-47460CRITICALUnauthenticated Command Injection Vulnerability in the CLI Service Accessed by the PAPI ProtocolEPSS 1.4%CVE-2026-40135MEDIUMOS Command Injection vulnerability in SAP NetWeaver Application Server for ABAP and ABAP PlatformEPSS 1.4%CVE-2026-9359MEDIUMEdimax EW-7438RPn POST Request formHwSet command injectionEPSS 1.4%CVE-2026-9297MEDIUMEdimax BR-6428NS POST Request formWlbasic command injectionEPSS 1.4%CVE-2026-7446MEDIUMVetCoders mcp-server-semgrep MCP index.ts create_rule os command injectionEPSS 1.4%CVE-2024-27980HIGHDue to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject aEPSS 1.4%CVE-2026-8235MEDIUM8421bit MiniClaw System kernel.ts resolveSkillScriptPath os command injectionEPSS 1.4%CVE-2024-11861CRITICALCommand injection in EnerSys AMPA 22.09 and prior versionsEPSS 1.4%CVE-2022-37879HIGHVulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands onEPSS 1.4%CVE-2024-36783CRITICALTOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost functEPSS 1.4%CVE-2026-9453MEDIUMFoundDream miniclawd SkillsLoader skills-loader.ts which command injectionEPSS 1.4%CVE-2019-14868HIGHIn ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to overrideEPSS 1.4%CVE-2026-9452MEDIUMFoundDream miniclawd exec.ts ExecTool.execute os command injectionEPSS 1.4%CVE-2022-45104HIGH Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. EPSS 1.4%