Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-01-27 CVE-2021-39217 Command Injection vulnerability in Openmage Magento
OpenMage LTS is an e-commerce platform.
network
low complexity
openmage CWE-77
7.2
2023-01-21 CVE-2023-22884 Command Injection vulnerability in Apache Airflow
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider.This issue affects Apache Airflow: before 2.5.1; Apache Airflow MySQL Provider: before 4.0.0.
network
low complexity
apache CWE-77
critical
9.8
2023-01-20 CVE-2020-22662 Command Injection vulnerability in Ruckuswireless products
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to change and set unauthorized "illegal region code" by remote code Execution command injection which leads to run illegal frequency with maxi output power.
network
low complexity
ruckuswireless CWE-77
7.5
2023-01-16 CVE-2023-0315 Command Injection vulnerability in Froxlor
Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8.
network
low complexity
froxlor CWE-77
8.8
2023-01-14 CVE-2022-41955 Command Injection vulnerability in Autolabproject Autolab
Autolab is a course management service, initially developed by a team of students at Carnegie Mellon University, that enables instructors to offer autograded programming assignments to their students over the Web.
network
low complexity
autolabproject CWE-77
8.8
2023-01-14 CVE-2023-22496 Command Injection vulnerability in Netdata
Netdata is an open source option for real-time infrastructure monitoring and troubleshooting.
network
low complexity
netdata CWE-77
critical
9.8
2023-01-13 CVE-2022-4616 Command Injection vulnerability in Deltaww Dx-3021L9 Firmware
The webserver in Delta DX-3021 versions prior to 1.24 is vulnerable to command injection through the network diagnosis page.
network
low complexity
deltaww CWE-77
critical
9.1
2023-01-11 CVE-2020-36650 Command Injection vulnerability in GRY Project GRY
A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x.
low complexity
gry-project CWE-77
8.0
2023-01-10 CVE-2022-45094 Command Injection vulnerability in Siemens Sinec INS 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1).
network
low complexity
siemens CWE-77
8.8
2023-01-06 CVE-2022-39073 Command Injection vulnerability in ZTE Mf286R Firmware Nordicmf286Rb06
There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands.
network
low complexity
zte CWE-77
critical
9.8