Fallos del tipo CWE-78
3878 resultadosCVE-2026-46735HIGHDell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Neutralization of Special Elements used in an OS EPSS 0.7%CVE-2023-37863HIGHPHOENIX CONTACT: OS Command Injection in WP 6xxx Web panelsEPSS 0.7%CVE-2026-33791HIGHJunos OS and Junos OS Evolved: Execution of crafted CLI commands allows for arbitrary shell injection as rootEPSS 0.7%CVE-2026-34176HIGHKnowledge Appliance mode iControl REST vulnerabilityEPSS 0.7%CVE-2023-34139HIGHA command injection vulnerability in the Free Time WiFi hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.36 PatEPSS 0.7%CVE-2025-52994MEDIUMgif_outputAsJpeg in phpThumb through 1.7.23 allows phpthumb.gif.php OS Command Injection via a crafted parameter value. This is fixed in 1.7EPSS 0.7%CVE-2024-26258HIGHOS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with credentials to execute arbitrary OEPSS 0.7%CVE-2026-25063HIGHgradle-completion has a Bash command injection issueEPSS 0.7%CVE-2024-30414HIGHCommand injection vulnerability in the AccountManager module.
Impact: Successful exploitation of this vulnerability may affect service confiEPSS 0.7%CVE-2025-65480HIGHAn issue was discovered in Pacom Unison Client 5.13.1. Authenticated users can inject malicious scripts in the Report Templates which are exEPSS 0.7%CVE-2026-35518HIGHPi-hole FTL affected by Remote Code Execution (RCE) via dns.cnameRecords Newline InjectionEPSS 0.7%CVE-2026-35521HIGHPi-hole FTL affected by Remote Code Execution (RCE) via dhcp.hosts Newline InjectionEPSS 0.7%CVE-2022-26413HIGHA command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticatedEPSS 0.7%CVE-2022-39057HIGHChanging Information Technology Inc. RAVA certificate validation system - Command InjectionEPSS 0.7%CVE-2026-49869CRITICALKestra: Unauthenticated Remote Code Execution via Authentication Bypass in `AuthenticationFilter`EPSS 0.7%CVE-2017-20236CRITICALProSoft Technology ICX35-HWC Command Injection via Web InterfaceEPSS 0.7%CVE-2024-20459MEDIUMCisco ATA 190 Series Analog Telephone Adapter Muliplatform Firmware Command Injection VulnerabilityEPSS 0.7%CVE-2024-8881MEDIUMA post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and EPSS 0.7%CVE-2026-34107CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in translate.phpEPSS 0.7%CVE-2026-34106CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in subtitles.phpEPSS 0.7%