Falhas do tipo CWE-78

3.878 resultados
CVE-2025-24022HIGHiTop server vulnerable to portal code injectionEPSS 0.5%CVE-2024-2742MEDIUMOS Command Injection in Planet IGS-4215-16T2SEPSS 0.5%CVE-2026-28391CRITICALOpenClaw < 2026.2.2 - Command Injection via cmd.exe Parsing Bypass in Allowlist EnforcementEPSS 0.5%CVE-2023-27999HIGHAn improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 7.2.0, 7.1.0 through 7.1.1 may allowEPSS 0.5%CVE-2023-48428HIGHA vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected productsEPSS 0.5%CVE-2025-47857MEDIUMA improper neutralization of special elements used in an os command ('os command injection') vulnerability [CWE-78] in Fortinet FortiWeb CLIEPSS 0.5%CVE-2026-48731HIGHWarp: Linux external editor command injectionEPSS 0.5%CVE-2023-20175HIGHA vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on theEPSS 0.5%CVE-2023-26210HIGHMultiple improper neutralization of special elements used in an os command ('OS Command Injection') vulnerabilties [CWE-78] vulnerability inEPSS 0.5%CVE-2024-52961HIGHAn improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0, FoEPSS 0.5%CVE-2025-43920MEDIUMGNU Mailman 2.1.39, as bundled in cPanel (and WHM), in certain external archiver configurations, allows unauthenticated attackers to executeEPSS 0.5%CVE-2026-49813MEDIUMDell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1EPSS 0.5%CVE-2025-11774HIGHMalicious Code Execution Vulnerability in the Software Keyboard Function of GENESIS64, ICONICS Suite, Mobile HMI, and MC Works64EPSS 0.5%CVE-2024-22132HIGHCode Injection vulnerability in SAP IDES SystemsEPSS 0.5%CVE-2024-24426HIGHReachable assertions in the NGAP_FIND_PROTOCOLIE_BY_ID function of OpenAirInterface Magma v1.8.0 and OAI EPC Federation v1.2.0 allow attackeEPSS 0.5%CVE-2025-56590CRITICALAn issue was discovered in the InsertFromURL() function of the Apryse HTML2PDF SDK thru 11.10. This vulnerability could allow an attacker toEPSS 0.5%CVE-2024-42167CRITICALCommand Injection in OrganisationnameEPSS 0.5%CVE-2024-42166CRITICALCommand Injection in ApplicationnameEPSS 0.5%CVE-2025-36569MEDIUMDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 releasEPSS 0.5%CVE-2026-39420MEDIUMMaxKB: Sandbox escape via LD_PRELOAD bypassEPSS 0.5%