Fallos del tipo CWE-77

2525 resultados
CVE-2024-23971HIGHChargePoint Home Flex OCPP bswitch Command InjectionEPSS 0.5%CVE-2019-1606MEDIUMCisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1606)EPSS 0.5%CVE-2026-12045CRITICALpgAdmin 4: AI Assistant read-only transaction bypass allows unauthorised writes and remote code executionEPSS 0.5%CVE-2025-54131MEDIUMCursor bypasses its allow list to execute arbitrary commandsEPSS 0.5%CVE-2023-42136HIGHPAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow the execution of arbitrary commands witEPSS 0.5%CVE-2025-59818CRITICALAuthenticated Remote Code Execution via the file name of an uploaded fileEPSS 0.5%CVE-2024-48139HIGHA prompt injection vulnerability in the chatbox of Blackbox AI v1.3.95 allows attackers to access and exfiltrate all previous and subsequentEPSS 0.5%CVE-2023-5752MEDIUMMercurial configuration injectable in repo revision when installing via pipEPSS 0.5%CVE-2018-0347A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could allow an authenticated, local attacker to EPSS 0.5%CVE-2024-44570HIGHRELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the getParams function in phpinf.php.EPSS 0.5%CVE-2026-30617HIGHLangChain-ChatChat 0.3.1 contains a remote code execution vulnerability in its MCP STDIO server configuration and execution handling. A remoEPSS 0.5%CVE-2019-1923MEDIUMCisco Small Business SPA500 Series IP Phones Local Command Execution VulnerabilityEPSS 0.5%CVE-2018-0351A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbiEPSS 0.5%CVE-2019-1612MEDIUMCisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1612)EPSS 0.5%CVE-2025-20334HIGHA vulnerability in the HTTP API subsystem of Cisco IOS XE Software could allow a remote attacker to inject commands that will execute with rEPSS 0.5%CVE-2024-29404HIGHAn issue in Razer Synapse 3 v.3.9.131.20813 and Synapse 3 App v.20240213 allows a local attacker to execute arbitrary code via the export paEPSS 0.5%CVE-2026-22623HIGHDue to insufficient input parameter validation on the interface, authenticated users of certain HIKSEMI NAS products can execute arbitrary cEPSS 0.5%CVE-2018-0224A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenEPSS 0.5%CVE-2024-56837HIGHA vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEEPSS 0.5%CVE-2023-20152MEDIUMCisco Identity Services Engine Command Injection VulnerabilitiesEPSS 0.5%