Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-26 | CVE-2024-0740 | Command Injection vulnerability in Eclipse Target Management Eclipse Target Management: Terminal and Remote System Explorer (RSE) version <= 4.5.400 has a remote code execution vulnerability that does not require authentication. | 9.8 |
| 2024-04-12 | CVE-2024-3400 | Command Injection vulnerability in Paloaltonetworks Pan-Os A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. | 10.0 |
| 2024-03-31 | CVE-2023-41724 | Command Injection vulnerability in Ivanti Standalone Sentry A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network. | 8.8 |
| 2024-03-28 | CVE-2024-25946 | Command Injection vulnerability in Dell products Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. | 8.8 |
| 2024-03-28 | CVE-2024-25955 | Command Injection vulnerability in Dell products Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. | 8.8 |
| 2024-03-27 | CVE-2024-29946 | Command Injection vulnerability in Splunk In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. | 8.1 |
| 2024-03-09 | CVE-2024-25951 | Command Injection vulnerability in Dell Idrac8 2.50.50.50/2.52.52.52/2.60.60.60 A command injection vulnerability exists in local RACADM. | 8.0 |
| 2024-02-21 | CVE-2024-23346 | Command Injection vulnerability in Materialsvirtuallab Pymatgen Pymatgen (Python Materials Genomics) is an open-source Python library for materials analysis. | 7.8 |
| 2024-02-16 | CVE-2024-24377 | Command Injection vulnerability in Idocv Idocview An issue in idocv v.14.1.3_20231228 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script. | 9.8 |
| 2024-02-14 | CVE-2024-22093 | Command Injection vulnerability in F5 products When running in appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint on multi-bladed systems. | 9.6 |