Fallos del tipo CWE-77

2525 resultados
CVE-2020-11073HIGHRemote Code Execution in Autoswitch Python VirtualenvEPSS 0.5%CVE-2024-57036HIGHTOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerEPSS 0.5%CVE-2026-41497CRITICALIncomplete fix for CVE-2026-34935: Command Injection in MervinPraison/PraisonAIEPSS 0.5%CVE-2024-38641HIGHQTS, QuTS heroEPSS 0.5%CVE-2024-48145CRITICALA prompt injection vulnerability in the chatbox of Netangular Technologies ChatNet AI Version v1.0 allows attackers to access and exfiltrateEPSS 0.5%CVE-2024-48144CRITICALA prompt injection vulnerability in the chatbox of Fusion Chat Chat AI Assistant Ask Me Anything v1.2.4.0 allows attackers to access and exfEPSS 0.5%CVE-2024-51258HIGHDrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the EPSS 0.5%CVE-2026-22708HIGHCursor has a Terminal Tool Allowlist Bypass via Environment VariablesEPSS 0.5%CVE-2022-35503HIGHImproper verification of a user input in Open Source MANO v7-v12 allows an authenticated attacker to execute arbitrary code within the LCM mEPSS 0.5%CVE-2025-59252CRITICALM365 Copilot Information Disclosure VulnerabilityEPSS 0.5%CVE-2021-0252HIGHJunos OS: NFX Series: Local Code Execution Vulnerability in JDMD Leads to Privilege EscalationEPSS 0.5%CVE-2025-59286CRITICALCopilot Information Disclosure VulnerabilityEPSS 0.5%CVE-2025-52365HIGHA command injection vulnerability in the szc script of the ccurtsinger/stabilizer repository allows remote attackers to execute arbitrary syEPSS 0.5%CVE-2026-46529HIGHPDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopenEPSS 0.5%CVE-2025-59272CRITICALCopilot Information Disclosure VulnerabilityEPSS 0.5%CVE-2024-44383HIGHWAYOS FBM-291W v19.09.11 is vulnerable to Command Execution via msp_info_htm.EPSS 0.5%CVE-2025-32702HIGHVisual Studio Remote Code Execution VulnerabilityEPSS 0.5%CVE-2022-37704MEDIUMAmanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /EPSS 0.5%CVE-2026-23779MEDIUMDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release verEPSS 0.5%CVE-2024-38817MEDIUMVMware NSX contains a command injection vulnerability.  A malicious actor with access to the NSX Edge CLI terminal may be able to craft malEPSS 0.5%