Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2021-11-03 CVE-2021-43339 Command Injection vulnerability in Ericsson Network Location
In Ericsson Network Location before 2021-07-31, it is possible for an authenticated attacker to inject commands via file_name in the export functionality.
network
low complexity
ericsson CWE-77
8.8
8.8
2021-10-26 CVE-2021-40345 Command Injection vulnerability in Nagios XI 5.8.5
An issue was discovered in Nagios XI 5.8.5.
network
low complexity
nagios CWE-77
7.2
7.2
2021-10-22 CVE-2021-42538 Command Injection vulnerability in Emerson products
The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input.
network
low complexity
emerson CWE-77
8.8
8.8
2021-10-22 CVE-2021-41744 Command Injection vulnerability in Yonyou Ufida Product Lifecycle Management
All versions of yongyou PLM are affected by a command injection issue.
network
low complexity
yonyou CWE-77
critical
 9.8
9.8
2021-10-22 CVE-2021-34362 Command Injection vulnerability in Qnap Media Streaming Add-On
A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on.
network
low complexity
qnap CWE-77
7.2
7.2
2021-10-21 CVE-2021-41146 Command Injection vulnerability in Qutebrowser
qutebrowser is an open source keyboard-focused browser with a minimal GUI.
network
low complexity
qutebrowser CWE-77
8.8
8.8
2021-10-21 CVE-2021-42740 Command Injection vulnerability in Shell-Quote Project Shell-Quote
The shell-quote package before 1.7.3 for Node.js allows command injection.
network
low complexity
shell-quote-project CWE-77
critical
 9.8
9.8
2021-10-15 CVE-2021-40994 Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1.
network
low complexity
arubanetworks CWE-77
6.3
6.3
2021-10-15 CVE-2021-40995 Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1.
network
low complexity
arubanetworks CWE-77
6.3
6.3
2021-10-15 CVE-2021-40998 Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1.
network
low complexity
arubanetworks CWE-77
7.2
7.2