Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-14 | CVE-2022-41955 | Command Injection vulnerability in Autolabproject Autolab Autolab is a course management service, initially developed by a team of students at Carnegie Mellon University, that enables instructors to offer autograded programming assignments to their students over the Web. | 8.8 |
| 2023-01-14 | CVE-2023-22496 | Command Injection vulnerability in Netdata Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. | 9.8 |
| 2023-01-11 | CVE-2020-36650 | Command Injection vulnerability in GRY Project GRY A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. | 8.0 |
| 2023-01-06 | CVE-2022-39073 | Command Injection vulnerability in ZTE Mf286R Firmware Nordicmf286Rb06 There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands. | 9.8 |
| 2023-01-06 | CVE-2023-22671 | Command Injection vulnerability in NSA Ghidra Ghidra/RuntimeScripts/Linux/support/launch.sh in NSA Ghidra through 10.2.2 passes user-provided input into eval, leading to command injection when calling analyzeHeadless with untrusted input. | 9.8 |
| 2023-01-03 | CVE-2022-32664 | Command Injection vulnerability in Mediatek Linkit Software Development KIT 4.6.1 In Config Manager, there is a possible command injection due to improper input validation. | 8.8 |
| 2023-01-03 | CVE-2022-32665 | Command Injection vulnerability in Mediatek Linkit Software Development KIT 4.6.1 In Boa, there is a possible command injection due to improper input validation. | 9.8 |
| 2022-12-30 | CVE-2022-44621 | Command Injection vulnerability in Apache Kylin Diagnosis Controller miss parameter validation, so user may attacked by command injection via HTTP Request. | 9.8 |
| 2022-12-23 | CVE-2022-46641 | Command Injection vulnerability in Dlink Dir-846 Firmware 100A43 D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function. | 9.9 |
| 2022-12-23 | CVE-2022-46642 | Command Injection vulnerability in Dlink Dir-846 Firmware 100A43 D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function. | 9.9 |