Falhas do tipo CWE-78
3.869 resultadosCVE-2025-23237MEDIUMImproper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in UD-LT2 firmware Ver.1.00.008_SE aEPSS 0.9%CVE-2026-26942MEDIUMDell PowerProtect Data Domain, versions 8.5 through 8.6 contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OSEPSS 0.9%CVE-2025-41267HIGHNozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the EPSS 0.9%CVE-2025-41266HIGHNozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the EPSS 0.9%CVE-2024-39935HIGHjc21 NGINX Proxy Manager before 2.11.3 allows backend/internal/certificate.js OS command injection by an authenticated user (with certificatEPSS 0.9%CVE-2025-41279HIGHNozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the EPSS 0.9%CVE-2025-41265HIGHNozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the EPSS 0.9%CVE-2024-22223HIGH
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_cbr utility. An authenticated malicious usEPSS 0.9%CVE-2023-28392HIGHWi-Fi AP UNIT AC-PD-WAPU v1.05_B04 and earlier, AC-PD-WAPUM v1.05_B04 and earlier, AC-PD-WAPU-P v1.05_B04P and earlier, AC-PD-WAPUM-P v1.05_EPSS 0.9%CVE-2026-8632HIGHHP Linux Imaging and Printing Software – Potential Escalation of Privilege and Arbitrary Code ExecutionEPSS 0.9%CVE-2023-34980MEDIUMQTS, QuTS heroEPSS 0.9%CVE-2024-22033MEDIUMobs-service-download_url is vulnerable to argument injectionEPSS 0.9%CVE-2026-32950HIGHSQLBot: RCE via SQL Injection in Excel Upload EndpointEPSS 0.9%CVE-2025-2983MEDIUMLegrand SMS PowerView os command injectionEPSS 0.9%CVE-2026-0507HIGHOS Command Injection vulnerability in SAP Application Server for ABAP and SAP NetWeaver RFCSDKEPSS 0.9%CVE-2022-1359MEDIUMCambium Networks cnMaestro Path TraversalEPSS 0.9%CVE-2022-38387HIGHIBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.2.0 could allow a remote authenticated attacker to execute arbitrary commands on theEPSS 0.9%CVE-2025-15388HIGHQNO Technology|VPN Firewall - OS Command InjectionEPSS 0.9%CVE-2022-26582HIGHPAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow an attacker to gain root access through command injection in systoolEPSS 0.9%CVE-2023-25759MEDIUMOS Command Injection in TripleData Reporting Engine in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated users to runEPSS 0.9%