Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-08-02 CVE-2020-28434 Command Injection vulnerability in Gitblame Project Gitblame
This affects all versions of package gitblame.
network
low complexity
gitblame-project CWE-77
critical
 9.8
9.8
2022-08-02 CVE-2020-28437 Command Injection vulnerability in Heroku-Env Project Heroku-Env
This affects all versions of package heroku-env.
network
low complexity
heroku-env-project CWE-77
critical
 9.8
9.8
2022-08-02 CVE-2020-28451 Command Injection vulnerability in Image-Tiler Project Image-Tiler
This affects the package image-tiler before 2.0.2.
network
low complexity
image-tiler-project CWE-77
critical
 9.8
9.8
2022-08-02 CVE-2020-28453 Command Injection vulnerability in Npos-Tesseract Project Npos-Tesseract 0.0.3
This affects all versions of package npos-tesseract.
network
low complexity
npos-tesseract-project CWE-77
critical
 9.8
9.8
2022-08-02 CVE-2020-7795 Command Injection vulnerability in Get-Npm-Package-Version Project Get-Npm-Package-Version
The package get-npm-package-version before 1.0.7 are vulnerable to Command Injection via main function in index.js.
network
low complexity
get-npm-package-version-project CWE-77
critical
 9.8
9.8
2022-07-29 CVE-2022-2323 Command Injection vulnerability in Sonicwall products
Improper neutralization of special elements used in a user input allows an authenticated malicious user to perform remote code execution in the host system.
network
low complexity
sonicwall CWE-77
8.8
8.8
2022-07-28 CVE-2022-29558 Command Injection vulnerability in Realtek Rtl819X Software Development KIT
Realtek rtl819x-SDK before v3.6.1 allows command injection over the web interface.
network
low complexity
realtek CWE-77
8.8
8.8
2022-07-28 CVE-2016-4991 Command Injection vulnerability in Nodepdf Project Nodepdf 1.3.0
Input passed to the Pdf() function is shell escaped and passed to child_process.exec() during PDF rendering.
network
low complexity
nodepdf-project CWE-77
critical
 9.8
9.8
2022-07-25 CVE-2020-28422 Command Injection vulnerability in Git-Archive Project Git-Archive
All versions of package git-archive are vulnerable to Command Injection via the exports function.
local
low complexity
git-archive-project CWE-77
7.8
7.8
2022-07-25 CVE-2020-28435 Command Injection vulnerability in Ffmpeg-Sdk Project Ffmpeg-Sdk
This affects all versions of package ffmpeg-sdk.
network
low complexity
ffmpeg-sdk-project CWE-77
critical
 9.8
9.8