Weaknesses of type CWE-78

3,885 results
CVE-2022-40679HIGHAn improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 5.x all versions, 6.0 all versions, EPSS 0.2%CVE-2025-25269HIGHLocal Privilege Escalation via Unauthenticated Command InjectionEPSS 0.2%CVE-2026-45408CRITICALDokku: OS Command Injection via App Name in Git Pre-Receive HookEPSS 0.2%CVE-2026-8654HIGHImproper input validation in Delphix Continuous Data connectors allows an authenticated user to execute arbitrary operating system commands EPSS 0.2%CVE-2026-48694HIGHFastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In srcEPSS 0.2%CVE-2026-44463HIGHZed: Allowlist Bypass via Environment Variable Injection in Terminal Tool PermissionsEPSS 0.2%CVE-2026-44466HIGHZed: Allowlist Bypass via Bash Arithmetic Expansion in Terminal Tool PermissionsEPSS 0.2%CVE-2024-47115HIGHIBM AIX command executionEPSS 0.2%CVE-2026-40111CRITICALPraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor (memory/hooks.py)EPSS 0.2%CVE-2025-41225HIGHVMware vCenter Server authenticated command-execution vulnerabilityEPSS 0.2%CVE-2024-20289MEDIUMCisco NX-OS Software Command Injection VulnerabilityEPSS 0.2%CVE-2025-47780MEDIUMcli_permissions.conf: deny option does not work for disallowing shell commandsEPSS 0.2%CVE-2023-20015MEDIUMCisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection VulnerabilityEPSS 0.2%CVE-2026-25621HIGHArista Edge Threat Management NGFW Reports Application Insecure Input ValidationEPSS 0.2%CVE-2025-27079MEDIUMArbitrary File Creation vulnerability allows for Authenticated Remote Code Execution in CLI InterfaceEPSS 0.2%CVE-2025-43858CRITICALYoutubeDLSharp allows command injection on windows system due to non sanitized argumentsEPSS 0.2%CVE-2026-27955MEDIUMCoolify: Command Injection via Single-Quote Breakout in `executeInDocker()`EPSS 0.2%CVE-2026-34149LOWCoolify: Authenticated Host-Level RCE via Unescaped Database Credentials in Backup JobsEPSS 0.2%CVE-2026-45393HIGHLocal privilege escalation to SYSTEM in Cribl Edge for WindowsEPSS 0.2%CVE-2026-46606HIGHGlances: Command Injection via KVM/QEMU VM Domain Names in glances/plugins/vms/engines/virsh.pyEPSS 0.2%