Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-13 | CVE-2020-12967 | Command Injection vulnerability in AMD products The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor. | 7.2 |
| 2021-05-13 | CVE-2021-26311 | Command Injection vulnerability in AMD products In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor. | 7.2 |
| 2021-05-10 | CVE-2021-29501 | Command Injection vulnerability in Dav-Cogs Project Dav-Cogs Ticketer is a command based ticket system cog (plugin) for the red discord bot. | 6.5 |
| 2021-05-06 | CVE-2021-1498 | Command Injection vulnerability in Cisco Hyperflex HX Data Platform Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. | 9.8 |
| 2021-05-05 | CVE-2020-13664 | Command Injection vulnerability in Drupal Arbitrary PHP code execution vulnerability in Drupal Core under certain circumstances. | 8.8 |
| 2021-04-29 | CVE-2021-25812 | Command Injection vulnerability in Chinamobile AN Lianbao Wf-1 Firmware 1.0.1 Command injection vulnerability in China Mobile An Lianbao WF-1 1.01 via the 'ip' parameter with a POST request to /api/ZRQos/set_online_client. | 9.8 |
| 2021-04-25 | CVE-2021-31726 | Command Injection vulnerability in Akuvox C315 Firmware 115.116.2613 Akuvox C315 115.116.2613 allows remote command Injection via the cfgd_server service. | 9.8 |
| 2021-04-23 | CVE-2020-7034 | Command Injection vulnerability in Avaya Session Border Controller for Enterprise A command injection vulnerability in Avaya Session Border Controller for Enterprise could allow an authenticated, remote attacker to send specially crafted messages and execute arbitrary commands with the affected system privileges. | 8.8 |
| 2021-04-22 | CVE-2021-0253 | Command Injection vulnerability in Juniper Junos NFX Series devices using Juniper Networks Junos OS are susceptible to a local command execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process. | 7.8 |
| 2021-04-22 | CVE-2021-0252 | Command Injection vulnerability in Juniper Junos NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process. | 7.8 |