Weaknesses of type CWE-78
3,821 resultsCVE-2023-24805HIGHCommand injection in cups-filtersEPSS 3.7%CVE-2018-25126CRITICALTVT NVMS-9000 Hard-coded API Credentials & Command InjectionEPSS 3.7%CVE-2024-5421HIGHAuthenticated Command InjectionEPSS 3.7%CVE-2025-34161CRITICALCoolify Git Repository Field Command Injection in Project Deployment WorkflowEPSS 3.7%CVE-2024-20720CRITICALCommand injection in data collector backup due to insufficient patching of CVE-2023-38208EPSS 3.7%CVE-2025-54403HIGHMultiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted networEPSS 3.7%CVE-2025-54404HIGHMultiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted networEPSS 3.7%CVE-2025-67840HIGHMultiple authenticated OS command injection vulnerabilities exist in the Cohesity (formerly Stone Ram) TranZman 4.0 Build 14614 through TZM_EPSS 3.7%CVE-2024-8926HIGHPHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)EPSS 3.7%CVE-2021-40409CRITICALAn OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [1] orEPSS 3.7%CVE-2021-40408CRITICALAn OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [1] orEPSS 3.7%CVE-2021-27102HIGHAccellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA_9_12_416 and lEPSS 3.7%KEVCVE-2022-33140—Improper Neutralization of Command Elements in Shell User Group ProviderEPSS 3.6%CVE-2022-50596CRITICALD-Link DIR-1260 <= v1.20B05 GetDeviceSettings Unauthenticated Command InjectionEPSS 3.6%CVE-2023-26134CRITICALVersions of the package git-commit-info before 2.0.2 are vulnerable to Command Injection such that the package-exported method gitCommitInfoEPSS 3.6%CVE-2022-27804HIGHAn os command injection vulnerability exists in the web interface util_set_abode_code functionality of Abode Systems, Inc. iota All-In-One SEPSS 3.6%CVE-2020-8178—Insufficient input validation in npm package `jison` <= 0.4.18 may lead to OS command injection attacks.EPSS 3.6%CVE-2026-4558HIGHLinksys MR9600 SmartConnect.lua smartConnectConfigure os command injectionEPSS 3.6%CVE-2021-32749MEDIUMPossible RCE vulnerability in mailing action using mailutils (mail-whois)EPSS 3.6%CVE-2022-29851CRITICALdocumentconverter in OX App Suite through 7.10.6, in a non-default configuration with ghostscript, allows OS Command Injection because file EPSS 3.6%