Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-24 | CVE-2024-53899 | Command Injection vulnerability in Virtualenv virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. | 7.8 |
| 2024-11-22 | CVE-2021-38116 | Command Injection vulnerability in Microfocus Imanager Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager. | 8.8 |
| 2024-11-22 | CVE-2021-38117 | Command Injection vulnerability in Microfocus Imanager Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. | 9.8 |
| 2024-11-22 | CVE-2023-24467 | Command Injection vulnerability in Microfocus Imanager Possible Command Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0000. | 9.8 |
| 2024-11-21 | CVE-2024-11320 | Command Injection vulnerability in Pandorafms Pandora FMS Arbitrary commands execution on the server by exploiting a command injection vulnerability in the LDAP authentication mechanism. | 9.8 |
| 2024-11-21 | CVE-2024-51151 | Command Injection vulnerability in Dlink Di-8200 Firmware 16.07.26A1 D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the msp_info_htm function via the flag parameter and cmd parameter. | 9.8 |
| 2024-11-15 | CVE-2022-1884 | Command Injection vulnerability in Gogs A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. | 9.8 |
| 2024-11-15 | CVE-2024-10443 | Command Injection vulnerability in Synology Beephotos and Photos Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via unspecified vectors. | 9.8 |
| 2024-11-13 | CVE-2024-50852 | Command Injection vulnerability in Tendacn G3 Firmware 15.11.0.20 Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetUSBPartitionUmount function. | 8.8 |
| 2024-11-13 | CVE-2024-50853 | Command Injection vulnerability in Tendacn G3 Firmware 15.11.0.20 Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function. | 8.8 |