Weaknesses of type CWE-77

2,524 results
CVE-2026-21257HIGHGitHub Copilot and Visual Studio Elevation of Privilege VulnerabilityEPSS 0.8%CVE-2024-53692MEDIUMQTS, QuTS heroEPSS 0.8%CVE-2024-10035CRITICALCode Injection in BG-TEK's CoslatV3EPSS 0.8%CVE-2017-12305A vulnerability in the debug interface of Cisco IP Phone 8800 series could allow an authenticated, local attacker to execute arbitrary commaEPSS 0.8%CVE-2023-29474CRITICALinventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attackEPSS 0.8%CVE-2023-29473CRITICALwebservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacEPSS 0.8%CVE-2024-51114HIGHAn issue in Beijing Digital China Yunke Information Technology Co.Ltd v.7.2.6.120 allows a remote attacker to execute arbitrary code via theEPSS 0.8%CVE-2025-25364HIGHA command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to executEPSS 0.8%CVE-2025-44179MEDIUMHitron CGNF-TWN 3.1.1.43-TWN-pre3 contains a command injection vulnerability in the telnet service. The issue arises due to improper input vEPSS 0.8%CVE-2024-22093HIGHAppliance mode iControl REST vulnerabilityEPSS 0.8%CVE-2024-51186HIGHD-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via the ping_addr parameter in the ping_v4 andEPSS 0.8%CVE-2024-53290HIGHDell ThinOS version 2408 contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An uEPSS 0.8%CVE-2022-20926MEDIUMA vulnerability in the web management interface of the Cisco Firepower Management Center (FMC) Software could allow an authenticated, remoteEPSS 0.8%CVE-2026-5125MEDIUMraine consult-llm-mcp server.ts child_process.execSync os command injectionEPSS 0.8%CVE-2025-46625HIGHLack of input validation/sanitization in the 'setLanCfg' API endpoint in httpd in the Tenda RX2 Pro 16.03.30.14 allows a remote attacker thaEPSS 0.8%CVE-2023-36755CRITICALA vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEEPSS 0.8%CVE-2025-69600HIGHCommand injection in Raynet rvia RayVentory Scan Engine 12.6 Update 8 and previous versions allows adversaries to execute commands via getcoEPSS 0.8%CVE-2025-25604MEDIUMTotolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the vif_disable function in mtkwifi.lua.EPSS 0.8%CVE-2022-20925MEDIUMA vulnerability in the web management interface of the Cisco Firepower Management Center (FMC) Software could allow an authenticated, remoteEPSS 0.8%CVE-2025-55590MEDIUMTOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an command injection vulnerability via the component bupload.html.EPSS 0.8%