Falhas do tipo CWE-78

3.878 resultados
CVE-2020-3171HIGHCisco FXOS and UCS Manager Software Local Management CLI Command Injection VulnerabilityEPSS 0.5%CVE-2020-3167HIGHCisco FXOS and UCS Manager Software CLI Command Injection VulnerabilityEPSS 0.5%CVE-2026-26009CRITICALCatalyst Affected by Remote Code Execution as Root via Containerized Install Script ExecutionEPSS 0.5%CVE-2026-46624CRITICALTwenty: SQL Injection via the timeZone fieldEPSS 0.5%CVE-2026-54483MEDIUMDell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1EPSS 0.5%CVE-2026-58652HIGHluci-app-travelmate - Arbitrary Command Execution via UCI Script ParameterEPSS 0.5%CVE-2021-4466HIGHIPCop <= 2.1.9 Authenticated RCEEPSS 0.5%CVE-2021-1476MEDIUMCisco Adaptive Security Appliance Software and Firepower Threat Defense Software Command Injection VulnerabilityEPSS 0.5%CVE-2026-25041HIGHBudibase has a Command Injection in PostgreSQL Dump CommandEPSS 0.5%CVE-2024-45325MEDIUMAn improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiDDoSEPSS 0.5%CVE-2023-2625CRITICALA vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, haviEPSS 0.5%CVE-2025-70828HIGHAn issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configurationEPSS 0.5%CVE-2024-3798HIGHInsecure handling of GET argument in PhonieboxEPSS 0.5%CVE-2026-28470CRITICALOpenClaw < 2026.2.2 - Exec Allowlist Bypass via Command Substitution in Double QuotesEPSS 0.5%CVE-2025-43943MEDIUMDell Cloud Disaster Recovery, version(s) prior to 19.20, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OEPSS 0.5%CVE-2024-48891MEDIUMAn Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiSOAR 7.6.0 throEPSS 0.5%CVE-2025-43884HIGHDell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper Neutralization of Special Elements used in an OS EPSS 0.5%CVE-2025-36607HIGHDell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker couEPSS 0.5%CVE-2025-68700HIGHRAGFlow Remote Code Execution VulnerabilityEPSS 0.5%CVE-2023-3313HIGH An OS common injection vulnerability exists in the ESM certificate API, whereby incorrectly neutralized special elements may have allowed aEPSS 0.5%