Fallos del tipo CWE-78

3877 resultados
CVE-2025-25053HIGHOS command injection vulnerability in the WEB UI (the setting page) exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, an arbitraryEPSS 0.9%CVE-2025-23237MEDIUMImproper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in UD-LT2 firmware Ver.1.00.008_SE aEPSS 0.9%CVE-2024-22224HIGH Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could pEPSS 0.9%CVE-2025-41267HIGHNozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the EPSS 0.9%CVE-2025-41266HIGHNozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the EPSS 0.9%CVE-2025-41279HIGHNozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the EPSS 0.9%CVE-2026-26942MEDIUMDell PowerProtect Data Domain, versions 8.5 through 8.6 contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OSEPSS 0.9%CVE-2024-39935HIGHjc21 NGINX Proxy Manager before 2.11.3 allows backend/internal/certificate.js OS command injection by an authenticated user (with certificatEPSS 0.9%CVE-2025-41265HIGHNozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the EPSS 0.9%CVE-2023-34980MEDIUMQTS, QuTS heroEPSS 0.9%CVE-2023-28392HIGHWi-Fi AP UNIT AC-PD-WAPU v1.05_B04 and earlier, AC-PD-WAPUM v1.05_B04 and earlier, AC-PD-WAPU-P v1.05_B04P and earlier, AC-PD-WAPUM-P v1.05_EPSS 0.9%CVE-2024-22223HIGH Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_cbr utility. An authenticated malicious usEPSS 0.9%CVE-2026-8632HIGHHP Linux Imaging and Printing Software – Potential Escalation of Privilege and Arbitrary Code ExecutionEPSS 0.9%CVE-2024-22033MEDIUMobs-service-download_url is vulnerable to argument injectionEPSS 0.9%CVE-2025-2983MEDIUMLegrand SMS PowerView os command injectionEPSS 0.9%CVE-2026-32950HIGHSQLBot: RCE via SQL Injection in Excel Upload EndpointEPSS 0.9%CVE-2026-0507HIGHOS Command Injection vulnerability in SAP Application Server for ABAP and SAP NetWeaver RFCSDKEPSS 0.9%CVE-2022-38387HIGHIBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.2.0 could allow a remote authenticated attacker to execute arbitrary commands on theEPSS 0.9%CVE-2022-1359MEDIUMCambium Networks cnMaestro Path TraversalEPSS 0.9%CVE-2025-15388HIGHQNO Technology|VPN Firewall - OS Command InjectionEPSS 0.9%