Fallos del tipo CWE-78

3842 resultados
CVE-2022-39224HIGHArbitrary shell execution when extracting or listing files contained in a malicious rpm.EPSS 1.6%CVE-2025-15060CRITICALclaude-hovercraft executeClaudeCode Command Injection Remote Code Execution VulnerabilityEPSS 1.6%CVE-2025-10619MEDIUMsequa-ai sequa-mcp OAuth Server Discovery node-oauth-client-provider.ts redirectToAuthorization os command injectionEPSS 1.6%CVE-2021-47816MEDIUMThecus N4800Eco Nas Server Control Panel - Command InjectionEPSS 1.6%CVE-2024-8806CRITICALCohesive Networks VNS3 Command Injection Remote Code Execution VulnerabilityEPSS 1.6%CVE-2025-63414CRITICALA Path Traversal vulnerability in the Allsky WebUI version v2024.12.06_06 allows an unauthenticated remote attacker to achieve arbitrary comEPSS 1.6%CVE-2026-37281CRITICALAn OS command injection vulnerability in the /stream-to-vlc Express route in hitarth-gg Zenshin before 2.7.0 allows remote attackers to execEPSS 1.6%CVE-2024-42736HIGHIn TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in addBlacklist. AuEPSS 1.6%CVE-2025-13284CRITICALThinPLUS|ThinPLUS - OS Command InjectionEPSS 1.6%CVE-2024-28187HIGHOS Command Injection Vulnerability in SOY CMSEPSS 1.6%CVE-2009-20010CRITICALDogfood CRM spell.php RCEEPSS 1.6%CVE-2024-0714MEDIUMMiczFlor RPi-Jukebox-RFID HTTP Request userScripts.php os command injectionEPSS 1.6%CVE-2025-34239HIGHAdvantech WebAccess/VPN < 1.1.5 Command Injection in AppManagementController.appUpgradeAction()EPSS 1.6%CVE-2024-24331CRITICALTOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setWiFiSEPSS 1.6%CVE-2026-11556HIGHTenda F451 Web Management WriteFacMac formWriteFacMac os command injectionEPSS 1.6%CVE-2024-3659CRITICALCommand injection in KAON AR2140 routersEPSS 1.6%CVE-2026-42364CRITICALGeoVision LPC2011/LPC2211 Web Interface / DdnsSetting.cgi OS command injection vulnerabilityEPSS 1.6%CVE-2024-26260CRITICALHgiga OAKlouds - Command InjectionEPSS 1.6%CVE-2022-48337CRITICALGNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etagEPSS 1.6%CVE-2020-4066LOWCommand Injection in Limdu trainBatch functionEPSS 1.6%