Fallos del tipo CWE-78

3878 resultados
CVE-2024-56497MEDIUMAn improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiMail versions 7.2.0 through 7EPSS 0.6%CVE-2026-9560CRITICALPrivilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands wEPSS 0.6%CVE-2025-10622HIGHForeman: os command injection via ct_location and fcct_location parametersEPSS 0.6%CVE-2026-31019HIGHIn the Website module of Dolibarr ERP & CRM 22.0.4 and below, the application uses blacklist-based filtering to restrict dangerous PHP functEPSS 0.6%CVE-2026-35073MEDIUMDell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versionsEPSS 0.6%CVE-2026-35072MEDIUMDell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versionsEPSS 0.6%CVE-2026-35074MEDIUMDell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versionsEPSS 0.6%CVE-2026-31994MEDIUMOpenClaw < 2026.2.19 - Local Command Injection via Unsafe cmd Argument Handling in Windows Scheduled Task Script GenerationEPSS 0.6%CVE-2026-25855HIGHOpenBullet2 0.3.2 Authenticated RCE via FileProxySource Script UploadEPSS 0.6%CVE-2024-31481MEDIUMUnauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of EPSS 0.6%CVE-2024-31479MEDIUMUnauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. SuccessfEPSS 0.6%CVE-2024-31480MEDIUMUnauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of EPSS 0.6%CVE-2021-32475ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3EPSS 0.6%CVE-2026-25053CRITICALn8n is Vulnerable to OS Command Injection in Git NodeEPSS 0.6%CVE-2026-44168HIGHMariaDB: wsrep SST unsafe parameter handling on the donor sideEPSS 0.6%CVE-2026-27602HIGHModoboa has an OS Command InjectionEPSS 0.6%CVE-2026-32191CRITICALMicrosoft Bing Images Remote Code Execution VulnerabilityEPSS 0.6%CVE-2024-43387HIGHPhoenix Contact: Access files due to improper neutralization of special elements in MGUARD devicesEPSS 0.6%CVE-2025-65882CRITICALAn issue was discovered in openmptcprouter thru 0.64 in file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c in function creaEPSS 0.6%CVE-2022-35717HIGH"IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending EPSS 0.6%