Weaknesses of type CWE-78
3,885 resultsCVE-2021-35032MEDIUMA vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitEPSS 0.2%CVE-2024-20398HIGHCisco IOS XR Software Local Privilege Escalation VulnerabilityEPSS 0.2%CVE-2026-45626MEDIUMArcane: OS Command Injection in Volume Browser ListDirectory via path query parameterEPSS 0.2%CVE-2025-20138HIGHCisco IOS XR Software CLI Privilege Escalation VulnerabilityEPSS 0.2%CVE-2021-41228HIGHCode injection in `saved_model_cli`EPSS 0.2%CVE-2026-57282MEDIUMJenkins Git client Plugin 6.6.0 and earlier does not correctly escape the workspace directory name when it is embedded into a generated SSH EPSS 0.2%CVE-2025-62801MEDIUMFastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_nameEPSS 0.2%CVE-2025-12742HIGHRemote Code Execution in Looker via Teradata JDBC DriverEPSS 0.2%CVE-2023-28000MEDIUMAn improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC CLI 7.1.0, 7.0.0 through 7.0.3, 6.2.EPSS 0.2%CVE-2025-37129MEDIUMAuthenticated Remote Code Execution allows Exploit in Scripts FeatureEPSS 0.2%CVE-2025-58374HIGHRoo Code: Auto-approve allows npm install execution of malicious postinstall scriptsEPSS 0.2%CVE-2022-25328MEDIUMPrivilege escalation through command injection in fscryptEPSS 0.2%CVE-2025-13605CRITICALShell command injection in 3onedata GW1101-1D(RS-485)-TB-P modbus gatewayEPSS 0.2%CVE-2026-0383HIGHInformation disclosure in Brocade Fabric OS before 9.2.1c2, 9.2.2 through 9.2.2a and 10.0.0EPSS 0.2%CVE-2026-22169HIGHOpenClaw < 2026.2.22 - Allowlist Bypass via sort Configuration in safeBinsEPSS 0.2%CVE-2026-10544MEDIUMImproper neutralization of special elements in the built-in PAM provider password rotation templates in Devolutions Server allows an authentEPSS 0.2%CVE-2026-34049LOWCoolify: Command Injection via unsanitized MongoDB collection names in database backupEPSS 0.2%CVE-2026-42201LOWCoolify: OS Command Injection via Database Credential Fields in Docker Compose Service CommandsEPSS 0.2%CVE-2021-36293MEDIUMDell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially expEPSS 0.2%CVE-2025-68922HIGHOpenOps before 0.6.11 allows remote code execution in the Terraform block.EPSS 0.2%