Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-20 | CVE-2023-20865 | Command Injection vulnerability in VMWare Aria Operations for Logs and Cloud Foundation VMware Aria Operations for Logs contains a command injection vulnerability. | 7.2 |
| 2023-04-18 | CVE-2023-29855 | Command Injection vulnerability in Wbce CMS 1.5.3 WBCE CMS 1.5.3 has a command execution vulnerability via admin/languages/install.php. | 7.2 |
| 2023-04-18 | CVE-2022-46640 | Command Injection vulnerability in Nanoleaf Desktop Nanoleaf Desktop App before v1.3.1 was discovered to contain a command injection vulnerability which is exploited via a crafted HTTP request. | 9.8 |
| 2023-04-16 | CVE-2022-37704 | Command Injection vulnerability in Zmanda Amanda 3.5.1 Amanda 3.5.1 allows privilege escalation from the regular user backup to root. | 6.7 |
| 2023-04-16 | CVE-2019-14944 | Command Injection vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0.6, and 12.1 before 12.1.6. | 6.5 |
| 2023-04-14 | CVE-2023-30535 | Command Injection vulnerability in Snowflake Jdbc Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. | 8.8 |
| 2023-04-14 | CVE-2023-29798 | Command Injection vulnerability in Totolink X18 Firmware 9.1.0Cu.2024B20220329 TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the command parameter in the setTracerouteCfg function. | 9.8 |
| 2023-04-14 | CVE-2023-29799 | Command Injection vulnerability in Totolink X18 Firmware 9.1.0Cu.2024B20220329 TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the hostname parameter in the setOpModeCfg function. | 9.8 |
| 2023-04-14 | CVE-2023-29800 | Command Injection vulnerability in Totolink X18 Firmware 9.1.0Cu.2024B20220329 TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function. | 9.8 |
| 2023-04-14 | CVE-2023-29801 | Command Injection vulnerability in Totolink X18 Firmware 9.1.0Cu.2024B20220329 TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain multiple command injection vulnerabilities via the rtLogEnabled and rtLogServer parameters in the setSyslogCfg function. | 9.8 |