Falhas do tipo CWE-78

3.870 resultados
CVE-2023-28726HIGHPanasonic AiSEG2 versions 2.80F through 2.93A allows remote attackers to execute arbitrary OS commands.EPSS 0.8%CVE-2026-7246HIGHPallets Click contains a command injection via Unsanitized Filename "click.edit()"EPSS 0.8%CVE-2024-38882CRITICALAn issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker tEPSS 0.8%CVE-2024-0167HIGH Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in the svc_topstats utility. An authenticated attacker coEPSS 0.8%CVE-2025-46117CRITICALAn issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.EPSS 0.8%CVE-2026-40029HIGHparseusbs < 1.9 Command Injection via Crafted LNK FilenameEPSS 0.8%CVE-2026-26279CRITICALFroxlor Admin-to-Root Privilege Escalation via Input Validation Bypass + OS Command InjectionEPSS 0.8%CVE-2024-21903MEDIUMQTS, QuTS heroEPSS 0.8%CVE-2023-53948CRITICALLilac-Reloaded for Nagios 2.0.8 Remote Code Execution via AutodiscoveryEPSS 0.8%CVE-2021-42852HIGHA command injection vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an authenticated user to execuEPSS 0.8%CVE-2026-25130CRITICALCybersecurity AI vulnerable to command Injection through argument injection in find_file Agent toolEPSS 0.8%CVE-2023-34254HIGHRemote inventory task command injection when using ssh command modeEPSS 0.8%CVE-2025-7723HIGHAuthenticated command injection on VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2EPSS 0.8%CVE-2026-44170MEDIUMMariaDB: Argument injection in CONNECT REST Xcurl on Windows via unsanitized URLEPSS 0.8%CVE-2023-53981HIGHPhotoShow 3.0 Remote Code Execution via Exiftran Path InjectionEPSS 0.8%CVE-2024-10019MEDIUMPath Traversal and OS Command Injection in parisneo/lollms-webuiEPSS 0.8%CVE-2024-51005HIGHNetgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the share_name parameter at usb_remote_smb_conf.cgi.EPSS 0.8%CVE-2024-46486HIGHTP-LINK TL-WDR5620 v2.3 was discovered to contain a remote code execution (RCE) vulnerability via the httpProcDataSrv function.EPSS 0.8%CVE-2025-2257HIGHTotal Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.10 - Authenticated (Admin+) Command InjectionEPSS 0.8%CVE-2023-38056HIGHCode execution via System Configuration EPSS 0.8%