Weaknesses of type CWE-78

3,822 results
CVE-2026-42589CRITICALGotenberg: Unauthenticated RCE via ExifTool Metadata Key InjectionEPSS 2.9%CVE-2024-8077MEDIUMTOTOLINK AC1200 T8 setTracerouteCfg os command injectionEPSS 2.9%CVE-2020-15631HIGHThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 1.04B03_HOTFIX WEPSS 2.9%CVE-2026-8112MEDIUM8421bit MiniClaw kernel.ts executeCognitivePulse os command injectionEPSS 2.9%CVE-2025-5525MEDIUMJrohy trojan linux.go LogChan os command injectionEPSS 2.9%CVE-2022-27004HIGHTotolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerabilEPSS 2.9%CVE-2022-27003HIGHTotolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerabilEPSS 2.9%CVE-2020-12522CRITICALCommand Injection Vulnerability in I/O-Check Service of WAGO PFC100, PFC200 and Touch Panel 600 Series with firmware versions <=FW10EPSS 2.9%CVE-2025-59359CRITICALOS command injection in Chaos Mesh via the cleanTcs mutationEPSS 2.9%CVE-2012-10041CRITICALWAN Emulator v2.3 Command ExecutionEPSS 2.9%CVE-2023-26145HIGHThis affects versions of the package pydash before 6.0.0. A number of pydash methods such as pydash.objects.invoke() and pydash.collections.EPSS 2.9%CVE-2021-21873CRITICALA specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter. An attacker can make an authenticated HEPSS 2.9%CVE-2021-21874CRITICALA specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd parameter. An attacker can make an authenticated HEPSS 2.9%CVE-2021-21875CRITICALA specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd parameter. An attacker can make an authenticated HTEPSS 2.9%CVE-2019-5140HIGHAn exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. A specially cEPSS 2.9%CVE-2020-5352HIGHDell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS command injection vulnerability. A remote authenticated malicious user may EPSS 2.9%CVE-2026-33623MEDIUMPinchTab: OS Command Injection via Profile Name in Windows Cleanup Routine Enables Arbitrary Command ExecutionEPSS 2.9%CVE-2021-36024CRITICALMagento Commerce Improper Neutralization of Special Elements Used In A CommandEPSS 2.9%CVE-2024-3739MEDIUMcym1102 nginxWebUI upload os command injectionEPSS 2.9%CVE-2026-8264MEDIUMTenda AC6 httpd WifiApScan formWifiApScan os command injectionEPSS 2.9%