Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-31 | CVE-2017-20156 | Command Injection vulnerability in Printer Project Printer A vulnerability was found in Exciting Printer and classified as critical. | 9.8 |
| 2022-12-30 | CVE-2022-44621 | Command Injection vulnerability in Apache Kylin Diagnosis Controller miss parameter validation, so user may attacked by command injection via HTTP Request. | 9.8 |
| 2022-12-23 | CVE-2022-46641 | Command Injection vulnerability in Dlink Dir-846 Firmware 100A43 D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function. | 9.9 |
| 2022-12-23 | CVE-2022-46642 | Command Injection vulnerability in Dlink Dir-846 Firmware 100A43 D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function. | 9.9 |
| 2022-12-22 | CVE-2020-15685 | During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. | 8.8 |
| 2022-12-20 | CVE-2022-46421 | Command Injection vulnerability in Apache Apache-Airflow-Providers-Apache-Hive Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 5.0.0. | 9.8 |
| 2022-12-16 | CVE-2022-45796 | Command Injection vulnerability in Sharp products Command injection vulnerability in nw_interface.html in SHARP multifunction printers (MFPs)'s Digital Full-color Multifunctional System 202 or earlier, 120 or earlier, 600 or earlier, 121 or earlier, 500 or earlier, 402 or earlier, 790 or earlier, and Digital Multifunctional System (Monochrome) 200 or earlier, 211 or earlier, 102 or earlier, 453 or earlier, 400 or earlier, 202 or earlier, 602 or earlier, 500 or earlier, 401 or earlier allows remote attackers to execute arbitrary commands via unspecified vectors. | 7.2 |
| 2022-12-14 | CVE-2022-31702 | Command Injection vulnerability in VMWare Vrealize Network Insight vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API. | 9.8 |
| 2022-12-14 | CVE-2022-44832 | Command Injection vulnerability in Dlink Dir-3040 Firmware 120B03 D-Link DIR-3040 device with firmware 120B03 was discovered to contain a command injection vulnerability via the SetTriggerLEDBlink function. | 9.8 |
| 2022-12-13 | CVE-2022-46404 | Command Injection vulnerability in Atos products A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Unify OpenScape 4000 Manager (8 before R2.22.18, 10 before 0.28.13, and 10 R1 before R1.34.4) that may allow an unauthenticated attacker to upload arbitrary files and achieve administrative access to the system. | 9.8 |