Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-15 | CVE-2023-50917 | Command Injection vulnerability in Mjdm Majordomo MajorDoMo (aka Major Domestic Module) before 0662e5e allows command execution via thumb.php shell metacharacters. | 9.8 |
| 2023-12-15 | CVE-2023-49898 | Command Injection vulnerability in Apache Streampark 2.0.0/2.1.0/2.1.1 In streampark, there is a project module that integrates Maven's compilation capability. | 7.2 |
| 2023-12-14 | CVE-2023-6572 | Command Injection vulnerability in Gradio Project Gradio Command Injection in GitHub repository gradio-app/gradio prior to main. | 8.1 |
| 2023-12-14 | CVE-2023-25643 | Command Injection vulnerability in ZTE Mc801A1 Firmware and Mc801A Firmware There is a command injection vulnerability in some ZTE mobile internet products. | 8.8 |
| 2023-12-13 | CVE-2023-48702 | Command Injection vulnerability in Jellyfin Jellyfin is a system for managing and streaming media. | 7.2 |
| 2023-12-13 | CVE-2023-48791 | Command Injection vulnerability in Fortinet Fortiportal An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in FortiPortal version 7.2.0, version 7.0.6 and below may allow a remote authenticated attacker with at least R/W permission to execute unauthorized commands via specifically crafted arguments in the Schedule System Backup page field. | 8.8 |
| 2023-12-13 | CVE-2023-47576 | Command Injection vulnerability in Relyum Rely-Pcie Firmware and Rely-Rec Firmware An issue was discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices, allowing authenticated command injection through the web interface. | 8.8 |
| 2023-12-12 | CVE-2013-2513 | Command Injection vulnerability in Milboj Flash Tool 0.5.0/0.6.0 The flash_tool gem through 0.6.0 for Ruby allows command execution via shell metacharacters in the name of a downloaded file. | 9.8 |
| 2023-12-12 | CVE-2023-49587 | Command Injection vulnerability in SAP Solution Manager 720 SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network. | 6.4 |
| 2023-12-07 | CVE-2023-40301 | Command Injection vulnerability in Netscout Ngeniuspulse 3.8.00.2349.0 NETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability. | 9.8 |