Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-03 | CVE-2021-28812 | Command Injection vulnerability in Qnap Video Station A command injection vulnerability has been reported to affect certain versions of Video Station. | 8.8 |
| 2021-06-02 | CVE-2015-1877 | Command Injection vulnerability in multiple products The open_generic_xdg_mime function in xdg-open in xdg-utils 1.1.0 rc1 in Debian, when using dash, does not properly handle local variables, which allows remote attackers to execute arbitrary commands via a crafted file. | 8.8 |
| 2021-05-31 | CVE-2020-10666 | Command Injection vulnerability in Sangoma Restapps The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execution via a URL variable to an AMI command. | 9.8 |
| 2021-05-27 | CVE-2020-15180 | Command Injection vulnerability in multiple products A flaw was found in the mysql-wsrep component of mariadb. | 9.0 |
| 2021-05-27 | CVE-2021-22899 | Command Injection vulnerability in multiple products A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature | 8.8 |
| 2021-05-26 | CVE-2019-25029 | Command Injection vulnerability in Versa-Networks Versa Director In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. | 9.8 |
| 2021-05-24 | CVE-2020-28901 | Command Injection vulnerability in Nagios Fusion Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation or Code Execution as root via vectors related to corrupt component installation in cmd_subsys.php. | 9.8 |
| 2021-05-24 | CVE-2020-28902 | Command Injection vulnerability in Nagios Fusion Command Injection in Nagios Fusion 4.1.8 and earlier allows Privilege Escalation from apache to root in cmd_subsys.php. | 9.8 |
| 2021-05-24 | CVE-2020-28908 | Command Injection vulnerability in Nagios Fusion Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to nagios. | 9.8 |
| 2021-05-22 | CVE-2021-1547 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. | 7.2 |