CWE-78: OS Command Injection

This vulnerability allows local low-privileged attackers to execute arbitrary operating system commands on Dell PowerProtect Data Manager Hyper-V syst...

CVE-2025-58374 is a command injection vulnerability in Roo Code's auto-approve feature that allows arbitrary code execution when users open malicious ...

This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain's DDSH CLI. Attackers with local low-privileged access can e...

Dell Unity storage systems running version 5.5 and earlier contain an OS command injection vulnerability in the svc_nfssupport utility. Authenticated ...

This vulnerability allows local attackers with initial code execution on Tesla Model S vehicles to escalate privileges and execute arbitrary commands ...

This OS command injection vulnerability in Dell Unity storage systems allows attackers with local access to execute arbitrary commands with elevated p...

This CVE describes an OS command injection vulnerability in Dell Unity storage systems. A low-privileged attacker with local access can execute arbitr...

This OS command injection vulnerability in Dell Unity storage systems allows low-privileged local attackers to execute arbitrary commands with elevate...

This CVE describes an OS command injection vulnerability in Dell Unity storage systems. A low-privileged attacker with local access can execute arbitr...

This CVE describes an OS command injection vulnerability in Dell Unity storage systems. A low-privileged attacker with local access can execute arbitr...

This OS command injection vulnerability in Dell Unity storage systems allows attackers with local access to execute arbitrary commands with elevated p...

This vulnerability allows a low-privileged attacker with local access to execute arbitrary operating system commands on Dell Unity systems, potentiall...

This CVE describes an OS command injection vulnerability in Dell Unity storage systems. A low-privileged attacker with local access can execute arbitr...

This CVE describes an OS command injection vulnerability in Dell Unity storage systems. A low-privileged attacker with local access can execute arbitr...

This OS command injection vulnerability in Dell Unity storage systems allows low-privileged local attackers to execute arbitrary commands with elevate...

Coolify versions before 4.0.0-beta.359 contain a command injection vulnerability in project name handling that allows authenticated attackers to execu...

This vulnerability allows authenticated users in Coolify to execute arbitrary code on the Coolify container, potentially accessing sensitive data and ...

This CVE describes a command injection vulnerability in the user interface of oMG2000 and MG90 devices running vulnerable MGOS versions. Attackers can...

This OS command injection vulnerability in RTI Connext Professional's System Designer allows attackers to execute arbitrary operating system commands ...

This CVE describes a local privilege escalation vulnerability in IBM AIX and VIOS systems where improper input sanitization allows a local user to exe...

A command injection vulnerability in Brocade Fabric OS allows local authenticated attackers to escalate privileges via crafted portcfg commands. This ...

CVE-2024-11003 is a command injection vulnerability in needrestart (versions before 3.8) where unsanitized data is passed to the Modules::ScanDeps lib...

This vulnerability in ProtonVPN for Windows allows improper neutralization of special elements used in an OS command (CWE-78), potentially enabling co...

This CVE describes a local privilege escalation vulnerability in Acronis True Image for macOS due to OS command injection. Attackers with local access...

This vulnerability allows local authenticated users with low privileges on Juniper Junos OS Evolved to escalate to root privileges by executing specif...

This CVE describes a local privilege escalation vulnerability in Juniper Junos OS Evolved where authenticated low-privilege users can execute specific...

This CVE describes a local privilege escalation vulnerability in Juniper Networks Junos OS Evolved. An authenticated attacker with low privileges can ...

This vulnerability allows authenticated low-privileged local attackers to read and write arbitrary files as root on affected Cisco systems. It affects...

This CVE describes a command injection vulnerability in Movistar 4G routers that allows authenticated users to execute arbitrary commands on the devic...

This CVE describes an OS command injection vulnerability in Dell Unity's svc_dc utility that allows authenticated attackers to execute arbitrary comma...

This CVE describes an OS command injection vulnerability in Dell Unity's svc_udoctor utility. Authenticated local attackers can execute arbitrary oper...

This CVE describes an OS command injection vulnerability in Dell Unity's svc_nas utility that allows authenticated attackers to escape the restricted ...

This vulnerability allows authenticated attackers to execute arbitrary operating system commands with root privileges on Dell Unity storage systems. I...

This vulnerability allows authenticated attackers to escape the restricted shell in Dell Unity's svc_cava utility and execute arbitrary operating syst...

This vulnerability allows authenticated attackers to execute arbitrary operating system commands with elevated privileges on Dell Unity storage system...

This vulnerability allows authenticated attackers to execute arbitrary operating system commands with elevated privileges on Dell Unity storage system...

This CVE allows arbitrary command execution through OS command injection in GTKWave's vcd2lxt utility when processing specially crafted wave files. At...

This CVE describes OS command injection vulnerabilities in GTKWave's decompression functionality. Attackers can execute arbitrary commands by tricking...

CVE-2023-35962 allows arbitrary command execution through OS command injection in GTKWave's vcd2vzt utility when processing specially crafted wave fil...

This CVE describes a shell injection vulnerability in multiple GL.iNet router models that allows local attackers to execute arbitrary code via specifi...

This CVE describes an OS command injection vulnerability in Dell PowerProtect DD's CLI that allows local low-privileged attackers to execute arbitrary...

This CVE describes an OS command injection vulnerability in Fortinet management interfaces that allows authenticated users with READ permissions to ex...

Dell SmartFabric Storage Software v1.4 and earlier contain an OS command injection vulnerability in the CLI. An authenticated local attacker can injec...

This vulnerability allows authenticated attackers to execute arbitrary operating system commands on FortiADC devices by exploiting improper input sani...

This CVE describes an OS command injection vulnerability in MLflow versions prior to 2.6.0. Attackers can execute arbitrary operating system commands ...

This vulnerability allows unauthorized users to execute arbitrary system commands through improper input sanitization in the ESM certificate API. Atta...

This CVE describes OS command injection vulnerabilities in Fortinet products that allow local authenticated attackers to execute arbitrary shell comma...

CVE-2023-26127 is a command injection vulnerability in the n158 npm package that allows attackers to execute arbitrary commands on the host system. Th...

This vulnerability allows authenticated attackers to execute arbitrary operating system commands on FortiADC devices by injecting malicious arguments ...

This CVE describes a local OS command injection vulnerability in StruxureWare Data Center Expert that allows authenticated local users to execute arbi...