Fallos del tipo CWE-78
3856 resultadosCVE-2025-67447CRITICALThe network diagnosis (ping) module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to OS command injection. The applicatiEPSS 1.0%CVE-2024-23961MEDIUMAlpine Halo9 UPDM_wemCmdUpdFSpeDecomp Command Injection Remote Code Execution VulnerabilityEPSS 1.0%CVE-2024-50375CRITICALA CWE-306 "Missing Authentication for Critical Function" was discovered affecting the following devices manufactured by Advantech: EKI-6333AEPSS 1.0%CVE-2024-23924MEDIUMAlpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote Code Execution VulnerabilityEPSS 1.0%CVE-2026-0854HIGHMerit LILIN|NVR - OS Command InjectionEPSS 1.0%CVE-2018-20106MEDIUMSMB printer settings don't escape characters in passwords properlyEPSS 1.0%CVE-2023-31209HIGHCommand injection via active checks and REST APIEPSS 1.0%CVE-2021-47748CRITICALHasura GraphQL 1.3.3 - Remote Code ExecutionEPSS 1.0%CVE-2024-28033HIGHOS command injection vulnerability exists in WebProxy 1.7.8 and 1.7.9, which may allow a remote unauthenticated attacker to execute an arbitEPSS 1.0%CVE-2022-1410HIGHRemote Code Execution in Device42 ApplianceManager consoleEPSS 1.0%CVE-2020-3377MEDIUMCisco Data Center Network Manager Command Injection VulnerabilityEPSS 1.0%CVE-2022-43907HIGHIBM Security Guardium command executionEPSS 1.0%CVE-2024-1880HIGHOS Command Injection in MacOS Text-To-Speech Class in significant-gravitas/autogptEPSS 1.0%CVE-2021-31854HIGHCode injection vulnerability in McAfee AgentEPSS 1.0%CVE-2026-4802HIGHCockpit: cockpit: arbitrary command execution via crafted links in system logs uiEPSS 1.0%CVE-2022-42289HIGHNVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to codEPSS 1.0%CVE-2025-60006MEDIUMJunos OS Evolved: OS command injection vulnerabilities fixedEPSS 1.0%CVE-2022-42290HIGHNVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to codEPSS 1.0%CVE-2024-22225HIGH
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_supportassist utility. An authenticated attackEPSS 1.0%CVE-2024-9461HIGHTotal Upkeep <= 1.16.6 - Authenticated (Administrator+) Remote Code Execution via Backup SettingsEPSS 1.0%