Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-26 | CVE-2024-0740 | Command Injection vulnerability in Eclipse Target Management Eclipse Target Management: Terminal and Remote System Explorer (RSE) version <= 4.5.400 has a remote code execution vulnerability that does not require authentication. | 9.8 |
| 2024-04-12 | CVE-2024-3400 | Command Injection vulnerability in Paloaltonetworks Pan-Os A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. | 10.0 |
| 2024-03-31 | CVE-2023-41724 | Command Injection vulnerability in Ivanti Standalone Sentry A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network. | 8.8 |
| 2024-03-28 | CVE-2024-25946 | Command Injection vulnerability in Dell products Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. | 8.8 |
| 2024-03-28 | CVE-2024-25955 | Command Injection vulnerability in Dell products Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. | 8.8 |
| 2024-03-27 | CVE-2024-29946 | Command Injection vulnerability in Splunk In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. | 8.1 |
| 2024-03-26 | CVE-2023-52624 | Command Injection vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before executing GPINT commands [Why] DMCUB can be in idle when we attempt to interface with the HW through the GPINT mailbox resulting in a system hang. [How] Add dc_wake_and_execute_gpint() to wrap the wake, execute, sleep sequence. If the GPINT executes successfully then DMCUB will be put back into sleep after the optional response is returned. It functions similar to the inbox command interface. | 7.8 |
| 2024-03-09 | CVE-2024-25951 | Command Injection vulnerability in Dell Idrac8 2.50.50.50/2.52.52.52/2.60.60.60 A command injection vulnerability exists in local RACADM. | 8.0 |
| 2024-02-21 | CVE-2024-23346 | Command Injection vulnerability in Materialsvirtuallab Pymatgen Pymatgen (Python Materials Genomics) is an open-source Python library for materials analysis. | 7.8 |
| 2024-02-16 | CVE-2024-24377 | Command Injection vulnerability in Idocv Idocview An issue in idocv v.14.1.3_20231228 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script. | 9.8 |