Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-25 | CVE-2024-11652 | Command Injection vulnerability in Engeniustech products A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. | 7.2 |
2024-11-24 | CVE-2024-11665 | Command Injection vulnerability in Echarge Salia Plcc Firmware Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in hardy-barth cph2_echarge_firmware allows OS Command Injection.This issue affects cph2_echarge_firmware: through 2.0.4. | 8.8 |
2024-11-24 | CVE-2024-53899 | Command Injection vulnerability in Virtualenv virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. | 9.8 |
2024-11-21 | CVE-2024-11320 | Command Injection vulnerability in Pandorafms Pandora FMS Arbitrary commands execution on the server by exploiting a command injection vulnerability in the LDAP authentication mechanism. | 9.8 |
2024-11-21 | CVE-2024-51151 | Command Injection vulnerability in Dlink Di-8200 Firmware 16.07.26A1 D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the msp_info_htm function via the flag parameter and cmd parameter. | 9.8 |
2024-11-15 | CVE-2022-1884 | Command Injection vulnerability in Gogs A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. | 9.8 |
2024-11-15 | CVE-2024-10443 | Command Injection vulnerability in Synology Beephotos and Photos Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via unspecified vectors. | 9.8 |
2024-11-13 | CVE-2024-50852 | Command Injection vulnerability in Tendacn G3 Firmware 15.11.0.20 Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetUSBPartitionUmount function. | 8.8 |
2024-11-13 | CVE-2024-50853 | Command Injection vulnerability in Tendacn G3 Firmware 15.11.0.20 Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function. | 8.8 |
2024-11-12 | CVE-2024-43613 | Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability | 7.2 |