Weaknesses of type CWE-78

3,878 results
CVE-2025-46644MEDIUMDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 releaseEPSS 0.5%CVE-2024-49281MEDIUMWordPress Click to Chat – WP Support All-in-One Floating Widget plugin <= 2.3.3 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.5%CVE-2024-41956HIGHSoft Serve allows arbitrary code execution by crafting git-lfs requestsEPSS 0.5%CVE-2024-20275MEDIUMCisco Secure Firewall Management Center Software Backup Cluster Command Injection VulnerabilityEPSS 0.5%CVE-2025-49008CRITICALAtheos Improper Input Validation Vulnerability Enables RCE in Common.phpEPSS 0.5%CVE-2023-41838MEDIUMAn improper neutralization of special elements used in an os command ('os command injection') in FortiManager 7.4.0 and 7.2.0 through 7.2.3 EPSS 0.5%CVE-2025-24385HIGHDell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command InjectionEPSS 0.5%CVE-2024-31668CRITICALrizin before v0.6.3 is vulnerable to Improper Neutralization of Special Elements via meta_set function in librz/analysis/meta.EPSS 0.5%CVE-2026-32311CRITICALCommand Injection and Docker container escape allows root on host machineEPSS 0.5%CVE-2025-41281HIGHNozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in WateEPSS 0.5%CVE-2024-58286CRITICALdizqueTV 1.5.3 Remote Code Execution via FFMPEG Executable PathEPSS 0.5%CVE-2025-9997MEDIUMCWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause comEPSS 0.5%CVE-2018-19639MEDIUMCode execution if run with command line switch -vEPSS 0.5%CVE-2026-22718MEDIUMCommand injection vulnerabilityEPSS 0.5%CVE-2025-0119MEDIUMCortex XDR Broker VM: Authenticated Command Injection Vulnerability in Broker VMEPSS 0.5%CVE-2026-28384CRITICALAuthenticated RCE via unsanitized compression_algorithmEPSS 0.5%CVE-2026-41411MEDIUMVim: Command injection via backtick expansion in tag filenamesEPSS 0.5%CVE-2024-6032HIGHTesla Model S Iris Modem ql_atfwd Command Injection Code Execution VulnerabilityEPSS 0.5%CVE-2026-33613HIGHMB connect line mbCONNECT24 vulnerable to RCE in generateSrpArrayEPSS 0.5%CVE-2025-11142HIGHThe VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code execution. This flaw can onlEPSS 0.5%