Fallos del tipo CWE-78

3837 resultados
CVE-2025-54074HIGHCherry Studio is Vulnerable to OS Command Injection during Connection with a Malicious MCP ServerEPSS 2.1%CVE-2026-6349CRITICALHGiga|iSherlock - OS Command InjectionEPSS 2.1%CVE-2024-1624CRITICALOS Command Injection vulnerability affecting documentation server on certain Releases of 3DEXPERIENCE, SIMULIA Abaqus, SIMULIA Isight and CATIA ComposerEPSS 2.1%CVE-2021-33534HIGHWEIDMUELLER: WLAN devices affected by OS Command Injection vulnerabilityEPSS 2.1%CVE-2026-9543CRITICALTotolink N300RH Web Management cstecgi.cgi setPasswordCfg os command injectionEPSS 2.1%CVE-2026-29058CRITICALAVideo: Unauthenticated OS Command Injection via base64Url in objects/getImage.phpEPSS 2.1%CVE-2025-22398CRITICALDell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command InjectionEPSS 2.1%CVE-2023-3097MEDIUMKylinSoft kylin-software-properties setMainSource os command injectionEPSS 2.1%CVE-2024-2162HIGHAuthenticated Remote Code Execution in Kiloview NDI N series productsEPSS 2.1%CVE-2025-15061CRITICALFramelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution VulnerabilityEPSS 2.1%CVE-2023-42120HIGHControl Web Panel dns_zone_editor Command Injection Remote Code Execution VulnerabilityEPSS 2.1%CVE-2021-32512CRITICALQSAN Storage Manager - Command Injection Following via QuickInstall functionEPSS 2.1%CVE-2021-32513CRITICALQSAN Storage Manager - Command Injection Following via QsanTorture functionEPSS 2.1%CVE-2024-30247CRITICALCommand Injection as root in NextCloudPi web panelEPSS 2.1%CVE-2024-41315MEDIUMTOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_eEPSS 2.1%CVE-2026-22265HIGHRoxy-WI has a Command Injection via grep parameter in logs.py allows authenticated RCEEPSS 2.1%CVE-2021-1487HIGHCisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Command Injection VulnerabilityEPSS 2.1%CVE-2026-5977CRITICALTotolink A7100RU CGI cstecgi.cgi setWiFiBasicCfg os command injectionEPSS 2.1%CVE-2025-15063CRITICALOllama MCP Server execAsync Command Injection Remote Code Execution VulnerabilityEPSS 2.1%CVE-2023-36548CRITICALA improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.EPSS 2.1%