Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-07-28 CVE-2016-4991 Command Injection vulnerability in Nodepdf Project Nodepdf 1.3.0
Input passed to the Pdf() function is shell escaped and passed to child_process.exec() during PDF rendering.
network
low complexity
nodepdf-project CWE-77
critical
 9.8
9.8
2022-07-25 CVE-2020-28422 Command Injection vulnerability in Git-Archive Project Git-Archive
All versions of package git-archive are vulnerable to Command Injection via the exports function.
local
low complexity
git-archive-project CWE-77
7.8
7.8
2022-07-25 CVE-2020-28435 Command Injection vulnerability in Ffmpeg-Sdk Project Ffmpeg-Sdk
This affects all versions of package ffmpeg-sdk.
network
low complexity
ffmpeg-sdk-project CWE-77
critical
 9.8
9.8
2022-07-25 CVE-2020-28436 Command Injection vulnerability in Google-Cloudstorage-Commands Project Google-Cloudstorage-Commands
This affects all versions of package google-cloudstorage-commands.
network
low complexity
google-cloudstorage-commands-project CWE-77
critical
 9.8
9.8
2022-07-25 CVE-2020-28438 Command Injection vulnerability in Deferred-Exec Project Deferred-Exec
This affects all versions of package deferred-exec.
network
low complexity
deferred-exec-project CWE-77
critical
 9.8
9.8
2022-07-25 CVE-2020-28443 Command Injection vulnerability in Sonar-Wrapper Project Sonar-Wrapper
This affects all versions of package sonar-wrapper.
network
low complexity
sonar-wrapper-project CWE-77
critical
 9.8
9.8
2022-07-25 CVE-2020-28445 Command Injection vulnerability in Npm-Help Project Npm-Help
This affects all versions of package npm-help.
network
low complexity
npm-help-project CWE-77
critical
 9.8
9.8
2022-07-25 CVE-2020-28446 Command Injection vulnerability in Ntesseract Project Ntesseract
The package ntesseract before 0.2.9 are vulnerable to Command Injection via lib/tesseract.js.
network
low complexity
ntesseract-project CWE-77
critical
 9.8
9.8
2022-07-25 CVE-2020-28447 Command Injection vulnerability in Xopen Project Xopen
This affects all versions of package xopen.
network
low complexity
xopen-project CWE-77
critical
 9.8
9.8
2022-07-12 CVE-2022-29560 Command Injection vulnerability in Siemens products
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < 2.15.1), RUGGEDCOM ROX MX5000RE (All versions < 2.15.1), RUGGEDCOM ROX RX1400 (All versions < 2.15.1), RUGGEDCOM ROX RX1500 (All versions < 2.15.1), RUGGEDCOM ROX RX1501 (All versions < 2.15.1), RUGGEDCOM ROX RX1510 (All versions < 2.15.1), RUGGEDCOM ROX RX1511 (All versions < 2.15.1), RUGGEDCOM ROX RX1512 (All versions < 2.15.1), RUGGEDCOM ROX RX1524 (All versions < 2.15.1), RUGGEDCOM ROX RX1536 (All versions < 2.15.1), RUGGEDCOM ROX RX5000 (All versions < 2.15.1).
network
low complexity
siemens CWE-77
7.2
7.2