Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-22 | CVE-2021-1551 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. | 7.2 |
2021-05-22 | CVE-2021-1552 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. | 7.2 |
2021-05-22 | CVE-2021-1553 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. | 7.2 |
2021-05-22 | CVE-2021-1554 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. | 7.2 |
2021-05-22 | CVE-2021-1555 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. | 7.2 |
2021-05-22 | CVE-2021-1560 | Command Injection vulnerability in Cisco DNA Spaces: Connector 2.0 Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an authenticated, remote attacker to perform a command injection attack on an affected device. | 7.2 |
2021-05-19 | CVE-2021-33204 | Command Injection vulnerability in Pgxn PG Partman In the pg_partman (aka PG Partition Manager) extension before 4.5.1 for PostgreSQL, arbitrary code execution can be achieved via SECURITY DEFINER functions because an explicit search_path is not set. | 7.5 |
2021-05-18 | CVE-2020-20951 | Command Injection vulnerability in Pluck-Cms Pluck 4.7.10 In Pluck-4.7.10-dev2 admin background, a remote command execution vulnerability exists when uploading files. | 9.8 |
2021-05-13 | CVE-2020-12967 | Command Injection vulnerability in AMD products The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor. | 9.0 |
2021-05-13 | CVE-2021-26311 | Command Injection vulnerability in AMD products In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor. | 9.0 |