Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-08 | CVE-2020-36459 | Command Injection vulnerability in Dces Project Dces An issue was discovered in the dces crate through 2020-12-09 for Rust. | 8.1 |
| 2021-08-08 | CVE-2020-36461 | Command Injection vulnerability in Noise Search Project Noise Search An issue was discovered in the noise_search crate through 2020-12-10 for Rust. | 8.1 |
| 2021-08-08 | CVE-2020-36462 | Command Injection vulnerability in Syncpool Project Syncpool An issue was discovered in the syncpool crate before 0.1.6 for Rust. | 8.1 |
| 2021-08-08 | CVE-2020-36463 | Command Injection vulnerability in Multiqueue Project Multiqueue An issue was discovered in the multiqueue crate through 2020-12-25 for Rust. | 8.1 |
| 2021-08-08 | CVE-2021-38189 | Command Injection vulnerability in Lettre An issue was discovered in the lettre crate before 0.9.6 for Rust. | 9.8 |
| 2021-08-07 | CVE-2021-38173 | Command Injection vulnerability in multiple products Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys. | 9.8 |
| 2021-08-07 | CVE-2021-38169 | Command Injection vulnerability in Roxy-Wi Roxy-WI through 5.2.2.0 allows command injection via /app/funct.py and /api/api_funct.py. | 8.8 |
| 2021-08-06 | CVE-2021-36707 | Command Injection vulnerability in Prolink Prc2402M Firmware In ProLink PRC2402M V1.0.18 and older, the set_ledonoff function in the adm.cgi binary, accessible with a page parameter value of ledonoff contains a trivial command injection where the value of the led_cmd parameter is passed directly to do_system. | 9.8 |
| 2021-07-21 | CVE-2021-21406 | Command Injection vulnerability in Combodo Itop Combodo iTop is an open source, web based IT Service Management tool. | 8.8 |
| 2021-06-28 | CVE-2021-33515 | Command Injection vulnerability in multiple products The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. | 4.8 |