Weaknesses of type CWE-88
225 resultsCVE-2025-43730HIGHDell ThinOS 10, versions prior to 2508_10.0127, contains an Improper Neutralization of Argument Delimiters in a Command ('Argument InjectionEPSS 0.2%CVE-2026-41570HIGHPHPUnit: Argument injection via newline in PHP INI values forwarded to child processesEPSS 0.2%CVE-2026-4438MEDIUMgethostbyaddr and gethostbyaddr_r return invalid DNS hostnamesEPSS 0.2%CVE-2026-20063MEDIUMCisco Secure FTD Software Authenticated Command Injection VulnerabilityEPSS 0.2%CVE-2025-36565MEDIUMDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 releasEPSS 0.2%CVE-2025-6231HIGHAn improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute coEPSS 0.2%CVE-2025-6232HIGHAn improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute coEPSS 0.2%CVE-2025-24845MEDIUMImproper neutralization of argument delimiters in a command ('Argument Injection') issue exists in Defense Platform Home Edition Ver.3.9.51.EPSS 0.2%CVE-2025-67858HIGHA crafted "interface" input parameter can lead to integrity loss of the firewall configurationEPSS 0.2%CVE-2026-50014MEDIUMpnpm: Git Fetch Argument Injection via Lockfile resolution.commitEPSS 0.2%CVE-2026-43943HIGHelecterm: RCE via malicious SSH server filename in openFileWithEditorEPSS 0.2%CVE-2025-41761HIGHPrivilege escalation possibleEPSS 0.2%CVE-2026-45181MEDIUMHex-Rays IDA Pro 9.2 and 9.3 before 9.3sp2 does not block Clang dependency-file generation (via argument injection), which allows attackers EPSS 0.2%CVE-2026-11332HIGHAnsible-core: argument injection in ansible-galaxy role install leads to arbitrary code executionEPSS 0.2%CVE-2026-44712HIGHpam_usb: Shell injection via device UUID and username in pamusb-conf and pamusb-agentEPSS 0.2%CVE-2026-1715MEDIUMAn input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow aEPSS 0.1%CVE-2026-1716MEDIUMAn input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow aEPSS 0.1%CVE-2026-1717MEDIUMAn input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Baiying that could allEPSS 0.1%CVE-2025-66002MEDIUMLocal users can perform arbitrary unmounts via smb4k mount helper due to lack of input validationEPSS 0.1%CVE-2026-53694HIGHPotential local privileges escalation through argument injection in the nxchmod.sh scriptEPSS 0.1%