Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2021-10-15 CVE-2021-37739 Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1.
network
low complexity
arubanetworks CWE-77
7.2
7.2
2021-10-15 CVE-2021-40986 Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1.
network
low complexity
arubanetworks CWE-77
7.2
7.2
2021-10-15 CVE-2021-40987 Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1.
network
low complexity
arubanetworks CWE-77
7.2
7.2
2021-10-15 CVE-2021-40999 Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1.
network
low complexity
arubanetworks CWE-77
7.2
7.2
2021-10-07 CVE-2021-42094 Command Injection vulnerability in Zammad
An issue was discovered in Zammad before 4.1.1.
network
low complexity
zammad CWE-77
critical
 9.8
9.8
2021-10-05 CVE-2021-41116 Command Injection vulnerability in multiple products
Composer is an open source dependency manager for the PHP language.
network
low complexity
getcomposer tenable CWE-77
critical
 9.8
9.8
2021-10-01 CVE-2021-34352 Command Injection vulnerability in Qnap QVR
A command injection vulnerability has been reported to affect QNAP device running QVR.
network
low complexity
qnap CWE-77
critical
 9.8
9.8
2021-09-28 CVE-2021-37106 Command Injection vulnerability in Huawei Fusioncompute
There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file.
network
low complexity
huawei CWE-77
7.2
7.2
2021-09-28 CVE-2021-38124 Command Injection vulnerability in Microfocus Arcsight Enterprise Security Manager 7.4/7.5
Remote Code Execution vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, affecting versions 7.0.2 through 7.5.
network
low complexity
microfocus CWE-77
critical
 9.8
9.8
2021-09-27 CVE-2021-34348 Command Injection vulnerability in Qnap QVR
A command injection vulnerability has been reported to affect QNAP device running QVR.
network
low complexity
qnap CWE-77
critical
 9.8
9.8