Fallos del tipo CWE-78

3837 resultados
CVE-2025-34286CRITICALNagios XI < 2026R1 RCE via Run Check Command in CCMEPSS 2.2%CVE-2025-34134CRITICALNagios XI < 2024R1.4.2 RCE via Business Process Intelligence (BPI)EPSS 2.2%CVE-2024-14008CRITICALNagios XI < 2024R1.3.2 RCE via WinRM Configuration WizardEPSS 2.2%CVE-2025-8667MEDIUMSkyworkAI DeepResearchAgent tools.py from_mcp os command injectionEPSS 2.2%CVE-2025-8697MEDIUMagentUniverse MCPSessionManager/MCPTool/MCPToolkit StdioServerParameters os command injectionEPSS 2.2%CVE-2022-0365CRITICALRicon Mobile, Inc.EPSS 2.2%CVE-2024-21756HIGHA improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4.4.0 thEPSS 2.2%CVE-2025-51390CRITICALTOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a command injection vulnerability via the pin parameter in the setWiFiWpsCoEPSS 2.2%CVE-2020-2490HIGHIf exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP SysteEPSS 2.2%CVE-2026-6132CRITICALTotolink A7100RU CGI cstecgi.cgi setLedCfg os command injectionEPSS 2.2%CVE-2024-6247MEDIUMWyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution VulnerabilityEPSS 2.2%CVE-2024-32351HIGHTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "mruEPSS 2.2%CVE-2026-22781CRITICALTinyWeb CGI Command InjectionEPSS 2.2%CVE-2021-41243CRITICALOS Command Injection Vulnerability and Potential Zip Slip VulnerabilityEPSS 2.2%CVE-2026-34243CRITICALwenxian: Command Injection in GitHub Actions Workflow via `issue_comment.body`EPSS 2.2%CVE-2022-3874HIGHOs command injection via ct_command and fcct_commandEPSS 2.2%CVE-2025-7850CRITICALAuthenticated OS command executionEPSS 2.2%CVE-2022-45043HIGHTenda AX12 V22.03.01.16_cn is vulnerable to command injection via goform/fast_setting_internet_set.EPSS 2.2%CVE-2019-12811ActiveX Control in MyBuilder before 6.2.2019.814 allow an attacker to execute arbitrary command via the ShellOpen method. This can be leveraEPSS 2.2%CVE-2025-41709CRITICALCommand injection in power analyzer via Modbus-TCP and Modbus-RTUEPSS 2.2%