Weaknesses of type CWE-78

3,840 results
CVE-2026-2629MEDIUMjishi node-sonos-http-api TTS Provider mac-os.js Promise os command injectionEPSS 1.7%CVE-2005-10003MEDIUMmikexstudios Xcomic os command injectionEPSS 1.7%CVE-2022-37901HIGHAuthenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilitieEPSS 1.7%CVE-2024-4253HIGHCommand Injection in gradio-app/gradioEPSS 1.7%CVE-2024-24899HIGHCommand injection in aops-zeusEPSS 1.7%CVE-2023-50651CRITICALTOTOLINK X6000R v9.4.0cu.852_B20230719 was discovered to contain a remote command execution (RCE) vulnerability via the component /cgi-bin/cEPSS 1.7%CVE-2026-40261HIGHComposer has Command Injection via Malicious Perforce ReferenceEPSS 1.7%CVE-2019-25289HIGHINIM Electronics SmartLiving SmartLAN/G/SI <=6.x Remote Command ExecutionEPSS 1.7%CVE-2026-0765HIGHOpen WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution VulnerabilityEPSS 1.7%CVE-2026-12851CRITICALGeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerabilityEPSS 1.7%CVE-2026-12849CRITICALGeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerabilityEPSS 1.7%CVE-2024-31977HIGHAdtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters EPSS 1.7%CVE-2020-2492HIGHIf exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP SysteEPSS 1.7%CVE-2026-56700CRITICALGrav - Multiple Remote Code Execution Vulnerabilities via Unsafe Unserialize and Command InjectionEPSS 1.7%CVE-2023-3267CRITICALWhen adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passeEPSS 1.7%CVE-2022-43971HIGHArbitrary code execution in Linksys WUMC710EPSS 1.7%CVE-2024-8869LOWTOTOLINK A720R exportOvpn os command injectionEPSS 1.7%CVE-2024-42737CRITICALIn TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in delBlacklist. AuEPSS 1.7%CVE-2024-38887CRITICALAn issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker tEPSS 1.7%CVE-2025-58763HIGHTautulli vulnerable to Authenticated Remote Code Execution via Command InjectionEPSS 1.7%