Falhas do tipo CWE-78
3.866 resultadosCVE-2024-43778HIGHOS command injection vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticaEPSS 1.0%CVE-2026-49261CRITICALMariaDB server has unsafe parameter handling in `wsrep_notify_cmd`EPSS 1.0%CVE-2024-20335MEDIUMA vulnerability in the web-based management interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticEPSS 1.0%CVE-2023-44415MEDIUMD-Link Multiple Routers cli Command Injection Remote Code Execution VulnerabilityEPSS 1.0%CVE-2025-3022CRITICALOS Command Injection vulnerability in e-management of e-solutionsEPSS 1.0%CVE-2026-4620HIGHOS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.EPSS 1.0%CVE-2023-28704HIGHFurbo dog camera - Command InjectionEPSS 1.0%CVE-2025-41427HIGHWRC-X3000GS, WRC-X3000GSA, and WRC-X3000GSN contain an improper neutralization of special elements used in an OS command ('OS Command InjectEPSS 1.0%CVE-2026-5707HIGHCommand Injection via Virtual Desktop Session Name in AWS Research and Engineering Studio (RES)EPSS 1.0%CVE-2024-13089HIGHAuthenticated RCE in update functionality in Guardian/CMC before 24.6.0EPSS 1.0%CVE-2024-28125CRITICALFitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands. Note: A contributor of FitNesse has claimed tEPSS 1.0%CVE-2025-0676HIGHCommend Injection Leading to Privilege EscalationEPSS 1.0%CVE-2021-42081CRITICALAuthenticated Remote Command Execution vulnerability in OSNEXUS QuantaStor before 6.0.0.355EPSS 1.0%CVE-2026-22893HIGHQTS, QuTS heroEPSS 1.0%CVE-2022-25962HIGHAll versions of the package vagrant.js are vulnerable to Command Injection via the boxAdd function due to improper input sanitization.
EPSS 1.0%CVE-2023-26127HIGHAll versions of the package n158 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports' function.
*EPSS 1.0%CVE-2026-27130CRITICALDokploy has Command Injection in its Service OperationsEPSS 1.0%CVE-2022-47555CRITICALImproper Neutralization of Special Elements in Ormazabal productsEPSS 1.0%CVE-2025-66208HIGHConfiguration-Dependent RCE (OS Command Injection) in richdocumentscode proxyEPSS 1.0%CVE-2024-52723CRITICALIn TOTOLINK X6000R V9.4.0cu.1041_B20240224 in the shttpd file, the Uci_Set Str function is used without strict parameter filtering. An attacEPSS 1.0%