Fallos del tipo CWE-78
3847 resultadosCVE-2025-62193CRITICALNOAA PMEL Live Access Server (LAS) PyFerret command injectionEPSS 1.2%CVE-2025-60960HIGHOS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers tEPSS 1.2%CVE-2025-60963HIGHOS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers tEPSS 1.2%CVE-2023-4033HIGHOS Command Injection in mlflow/mlflowEPSS 1.2%CVE-2026-0273MEDIUMPAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UIEPSS 1.2%CVE-2024-57014HIGHTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "recHour" parameter in setScEPSS 1.2%CVE-2024-43655CRITICALAny authenticated users can execute OS commands as root using the <redacted>.sh CGI script.EPSS 1.2%CVE-2026-24506HIGHDell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13EPSS 1.2%CVE-2026-9717HIGHCWE-78 Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could allow unauthorized EPSS 1.2%CVE-2023-47220MEDIUMMedia Streaming add-onEPSS 1.2%CVE-2026-26943HIGHDell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13EPSS 1.2%CVE-2025-36529HIGHAn OS command injection issue exists in multiple versions of TB-eye network recorders and AHD recorders. If this vulnerability is exploited,EPSS 1.2%CVE-2023-3260HIGHThe Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to command injection via the `user-name` URL parametEPSS 1.2%CVE-2026-58455CRITICALDockwatch 0.6.567 Unauthenticated OS Command Injection via ajax/compose.phpEPSS 1.2%CVE-2022-50919CRITICALTdarr 2.00.15 - Command InjectionEPSS 1.2%CVE-2021-47745HIGHCypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection via Firmware UpgradeEPSS 1.2%CVE-2023-20163MEDIUMCisco Identity Services Engine Command Injection VulnerabilitiesEPSS 1.2%CVE-2023-26128HIGHAll versions of the package keep-module-latest are vulnerable to Command Injection due to missing input sanitization or other checks and sanEPSS 1.2%CVE-2023-20164MEDIUMCisco Identity Services Engine Command Injection VulnerabilitiesEPSS 1.2%CVE-2023-41193HIGHD-Link DAP-1325 HNAP SetAPLanSettings SecondaryDNS Command Injection Remote Code Execution VulnerabilityEPSS 1.2%