Falhas do tipo CWE-78
3.847 resultadosCVE-2023-40145HIGHWeintek cMT3000 HMI Web CGI OS Command InjectionEPSS 1.2%CVE-2024-42741HIGHIn TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfgEPSS 1.2%CVE-2026-5691MEDIUMTotolink A7100RU cstecgi.cgi setFirewallType os command injectionEPSS 1.2%CVE-2022-2251MEDIUMImproper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.EPSS 1.2%CVE-2026-2630HIGH[R1] Stand-alone Security Patches Available for Tenable Security Center versions 6.5.1, 6.6.0 and 6.7.2: SC-202602.1 + SC-202602.2EPSS 1.2%CVE-2020-15272HIGHShell-injection in git-tag-annotation GitHub actionEPSS 1.2%CVE-2025-30479HIGHDell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection to gainEPSS 1.2%CVE-2025-10659CRITICALMegaSys Enterprises Telenium Online Web Application OS Command InjectionEPSS 1.2%CVE-2025-10767LOWCosmodiumCS OnlyRAT Configuration File main.py remote_download os command injectionEPSS 1.2%CVE-2026-30815HIGHOS Command Injection Vulnerability in OpenVPN Module in TP-Link AX53EPSS 1.2%CVE-2026-22761MEDIUMDell PowerProtect Data Domain, versions 8.5 through 8.6 contain a command injection vulnerability. A high privileged attacker with remote acEPSS 1.2%CVE-2025-20186HIGHA vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authentEPSS 1.2%CVE-2026-13561MEDIUMEdimax EW-7478APC POST Request formiNICbasic os command injectionEPSS 1.2%CVE-2026-12815MEDIUMcoollabsio coolify Image Name os command injectionEPSS 1.2%CVE-2026-13581MEDIUMEdimax EW-7478APC POST Request formStaDrvSetup os command injectionEPSS 1.2%CVE-2026-31226CRITICALThe TinyZero project thru commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 (2025-58-24) contains a critical command injection vulnerability (EPSS 1.2%CVE-2026-13560MEDIUMEdimax EW-7478APC POST Request formAccept os command injectionEPSS 1.2%CVE-2026-9424MEDIUMEdimax EW-7438RPn Content-Type formWlanMP os command injectionEPSS 1.2%CVE-2026-1460HIGHA post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EXEPSS 1.2%CVE-2026-41015HIGHradare2 before 9236f44, when configured on UNIX without SSL, allows command injection via a PDB name to rabin2 -PP. NOTE: although users areEPSS 1.2%