Weaknesses of type CWE-78
3,847 resultsCVE-2024-11065HIGHD-Link DSL6740C - OS Command InjectionEPSS 1.3%CVE-2024-11064HIGHD-Link DSL6740C - OS Command InjectionEPSS 1.3%CVE-2023-3939CRITICALMultiple command injection in ZkTeco-based OEM devicesEPSS 1.3%CVE-2023-23779MEDIUMMultiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiWeb verEPSS 1.3%CVE-2022-48583HIGHA command injection vulnerability exists in the dashboard scheduler feature of the ScienceLogic SL1 that takes unsanitized user‐controlled iEPSS 1.3%CVE-2023-23777HIGHAn improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiWeb version 7.0EPSS 1.3%CVE-2022-48582HIGHA command injection vulnerability exists in the ticket report generate feature of the ScienceLogic SL1 that takes unsanitized user controlleEPSS 1.3%CVE-2022-48584HIGHA command injection vulnerability exists in the download and convert report feature of the ScienceLogic SL1 that takes unsanitized user‐contEPSS 1.3%CVE-2024-3126HIGHCommand Injection in parisneo/lollms-webuiEPSS 1.3%CVE-2026-6108MEDIUM1Panel-dev MaxKB Model Context Protocol Node base_mcp_node.py execute os command injectionEPSS 1.3%CVE-2025-8748HIGHOS command injection in MiR robots and MiR fleet via crafted HTTP requestsEPSS 1.3%CVE-2024-42057HIGHA command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series fEPSS 1.3%CVE-2025-34148CRITICALShenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection via WISP SSIDEPSS 1.3%CVE-2024-50393HIGHQTS, QuTS heroEPSS 1.3%CVE-2018-25118CRITICALGeoVision Command Injection RCE via /PictureCatch.cgiEPSS 1.3%CVE-2026-8603HIGHImproper neutralization of special elements used in an OS command ('OS command injection') in ScadaBREPSS 1.3%CVE-2023-22815MEDIUMPost-authentication remote command injection vulnerability on Western Digital My Cloud OS 5 devicesEPSS 1.3%CVE-2022-20652MEDIUMCisco Tetration Command Injection VulnerabilityEPSS 1.3%CVE-2023-25313CRITICALOS injection vulnerability in World Wide Broadcast Network AVideo version before 12.4, allows attackers to execute arbitrary code via the viEPSS 1.3%CVE-2026-36045HIGHpicoclaw <=v0.1.2 and earlier is vulnerable to OS command injection via the ExecTool component (pkg/tools/shell.go). The guardCommand() funcEPSS 1.3%