Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-10 | CVE-2021-29501 | Command Injection vulnerability in Dav-Cogs Project Dav-Cogs Ticketer is a command based ticket system cog (plugin) for the red discord bot. | 6.5 |
2021-05-10 | CVE-2021-23012 | Command Injection vulnerability in F5 products On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, and 13.1.x before 13.1.4, lack of input validation for items used in the system support functionality may allow users granted either "Resource Administrator" or "Administrator" roles to execute arbitrary bash commands on BIG-IP. | 7.2 |
2021-05-07 | CVE-2021-21984 | Command Injection vulnerability in VMWare Vrealize Business for Cloud 7.0 VMware vRealize Business for Cloud 7.x prior to 7.6.0 contains a remote code execution vulnerability due to an unauthorised end point. | 7.5 |
2021-05-07 | CVE-2021-32090 | Command Injection vulnerability in Localstack 0.12.6 The dashboard component of StackLift LocalStack 0.12.6 allows attackers to inject arbitrary shell commands via the functionName parameter. | 10.0 |
2021-05-05 | CVE-2020-13664 | Command Injection vulnerability in Drupal Arbitrary PHP code execution vulnerability in Drupal Core under certain circumstances. | 9.3 |
2021-04-29 | CVE-2021-25812 | Command Injection vulnerability in Chinamobile AN Lianbao Wf-1 Firmware 1.0.1 Command injection vulnerability in China Mobile An Lianbao WF-1 1.01 via the 'ip' parameter with a POST request to /api/ZRQos/set_online_client. | 7.5 |
2021-04-29 | CVE-2021-25166 | Command Injection vulnerability in Arubanetworks Airwave A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. | 6.5 |
2021-04-25 | CVE-2021-31726 | Command Injection vulnerability in Akuvox C315 Firmware 115.116.2613 Akuvox C315 115.116.2613 allows remote command Injection via the cfgd_server service. | 7.5 |
2021-04-23 | CVE-2020-7034 | Command Injection vulnerability in Avaya Session Border Controller for Enterprise A command injection vulnerability in Avaya Session Border Controller for Enterprise could allow an authenticated, remote attacker to send specially crafted messages and execute arbitrary commands with the affected system privileges. | 9.0 |
2021-04-22 | CVE-2021-0253 | Command Injection vulnerability in Juniper Junos NFX Series devices using Juniper Networks Junos OS are susceptible to a local command execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process. | 4.6 |