Weaknesses of type CWE-88
225 resultsCVE-2024-41711MEDIUMA vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, through R6.4.0.HF1 (EPSS 0.5%CVE-2026-25689MEDIUMAn improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.2.0, FortiDeEPSS 0.5%CVE-2026-54088CRITICALFile Browser: Command Injection via Authentication Hook Shell Substitution (Pre-Authentication RCE)EPSS 0.5%CVE-2022-44731MEDIUMA vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions < V3.15 P038), SIMATIC WinCC OA V3.16 (All versions < V3.16 P035EPSS 0.5%CVE-2026-45158CRITICALOPNsense: Command Injection via Attacker-Controlled DHCP ConfigEPSS 0.5%CVE-2019-5012HIGHAn exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the startProcess coEPSS 0.5%CVE-2026-0634HIGHCode Execution in AssistFeedbackService on TECNO Pova7 Pro 5GEPSS 0.5%CVE-2024-2422CRITICALLenelS2 NetBox Improper Neutralization of Argumented DelimitersEPSS 0.5%CVE-2026-40938HIGHTekton Pipelines: Git Resolver Unsanitized Revision Parameter Enables git Argument Injection Leading to RCEEPSS 0.5%CVE-2024-32884MEDIUMgix-transport indirect code execution via malicious usernameEPSS 0.5%CVE-2024-32462HIGHFlatpak vulnerable to a sandbox escape via RequestBackground portal due to bad argument parsingEPSS 0.5%CVE-2025-49008CRITICALAtheos Improper Input Validation Vulnerability Enables RCE in Common.phpEPSS 0.5%CVE-2025-59937HIGHgo-mail has insufficient address encoding when passing mail addresses to the SMTP clientEPSS 0.5%CVE-2026-52750HIGHGhidra < 12.1- Command Injection via URL Annotation ClickEPSS 0.5%CVE-2026-31230CRITICALThe Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a command-line argument injection vulnerability in its Kubeflow component (robEPSS 0.5%CVE-2025-0065HIGHImproper Neutralization of Argument Delimiters in TeamViewer ClientsEPSS 0.5%CVE-2026-42266HIGHJupyterLab has an Extension Manager API/GUI Policy Discrepancy allowing 3rd party (malicious) extensions install via POST request.EPSS 0.5%CVE-2026-43893HIGHexiftool-vendored: Argument injection via newline characters in tag namesEPSS 0.5%CVE-2025-49520HIGHEvent-driven-ansible: authenticated argument injection in git url in eda project creationEPSS 0.5%CVE-2022-4864MEDIUM Argument Injection in froxlor/froxlorEPSS 0.5%