Falhas do tipo CWE-78

3.878 resultados
CVE-2024-50376HIGHA CWE-79 "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" was discovered affecting the following devicEPSS 0.5%CVE-2024-53992HIGHunzip-bot Allows Remote Code Execution (RCE) via archive extraction, password prompt, or video uploadEPSS 0.5%CVE-2026-46746HIGHA vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The application does not properly sanitize user input iEPSS 0.5%CVE-2024-11681MEDIUMRemote Code Execution in MacPortsEPSS 0.5%CVE-2025-67164CRITICALAn authenticated arbitrary file upload vulnerability in the /storage/poc.php component of Pagekit CMS v1.0.18 allows attackers to execute arEPSS 0.4%CVE-2026-41036HIGHCommand Injection Vulnerability in Quantum Networks Router QN-I-470EPSS 0.4%CVE-2019-1770MEDIUMCisco NX-OS Software Command Injection VulnerabilityEPSS 0.4%CVE-2025-54941MEDIUMApache Airflow: Command injection in "example_dag_decorator"EPSS 0.4%CVE-2025-11546CRITICALCLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, CLUSTERPRO X SingleSeEPSS 0.4%CVE-2026-27626CRITICALOliveTin vulnerable to OS Command Injection via `password` argument type and webhook JSON extraction bypasses shell safety checksEPSS 0.4%CVE-2026-34940HIGHKubeAI has an OS Command Injection via Model URL in Ollama Engine startup probe allows arbitrary command execution in model podsEPSS 0.4%CVE-2019-1745HIGHCisco IOS XE Software Command Injection VulnerabilityEPSS 0.4%CVE-2021-1584MEDIUMCisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation VulnerabilityEPSS 0.4%CVE-2024-21821HIGHMultiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute aEPSS 0.4%CVE-2026-6281HIGHA potential vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user on the locEPSS 0.4%CVE-2023-3571HIGHPHOENIX CONTACT: OS Command Injection in WP 6xxx Web panelsEPSS 0.4%CVE-2018-0115A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series routers could allow an authenticated, local attackEPSS 0.4%CVE-2017-6796A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an aEPSS 0.4%CVE-2020-3169MEDIUMCisco FXOS Software CLI Command Injection VulnerabilityEPSS 0.4%CVE-2026-20036MEDIUMCisco UCS Manager Software Command Injection VulnerabilityEPSS 0.4%