Total
1788 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-37125 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-09-09 | N/A | 9.8 CRITICAL |
| D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/NTPSyncWithHost. | |||||
| CVE-2020-28445 | 1 Npm-help Project | 1 Npm-help | 2022-09-04 | N/A | 9.8 CRITICAL |
| This affects all versions of package npm-help. The injection point is located in line 13 in index.js file in export.latestVersion() function. | |||||
| CVE-2022-36553 | 1 Hytec | 2 Hwl-2511-ss, Hwl-2511-ss Firmware | 2022-09-02 | N/A | 9.8 CRITICAL |
| Hytec Inter HWL-2511-SS v1.05 and below was discovered to contain a command injection vulnerability via the component /www/cgi-bin/popen.cgi. | |||||
| CVE-2022-36556 | 1 Seiko-sol | 4 Skybridge Mb-a100, Skybridge Mb-a100 Firmware, Skybridge Mb-a110 and 1 more | 2022-09-02 | N/A | 9.8 CRITICAL |
| Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain a command injection vulnerability via the ipAddress parameter at 07system08execute_ping_01. | |||||
| CVE-2022-36559 | 1 Seiko-sol | 2 Skybridge Mb-a200, Skybridge Mb-a200 Firmware | 2022-09-02 | N/A | 9.8 CRITICAL |
| Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain a command injection vulnerability via the Ping parameter at ping_exec.cgi. | |||||
| CVE-2022-36554 | 1 Hytec | 2 Hwl-2511-ss, Hwl-2511-ss Firmware | 2022-09-01 | N/A | 9.8 CRITICAL |
| A command injection vulnerability in the CLI (Command Line Interface) implementation of Hytec Inter HWL-2511-SS v1.05 and below allows attackers to execute arbitrary commands with root privileges. | |||||
| CVE-2022-36523 | 1 Dlink | 2 Go-rt-ac750, Go-rt-ac750 Firmware | 2022-08-18 | N/A | 9.8 CRITICAL |
| D-Link Go-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to command injection via /htdocs/upnpinc/gena.php. | |||||
| CVE-2022-34660 | 1 Siemens | 1 Teamcenter | 2022-08-12 | N/A | 9.8 CRITICAL |
| A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). File Server Cache service in Teamcenter consist of a functionality that is vulnerable to command injection. This could potentially allow an attacker to perform remote code execution. | |||||
| CVE-2022-34974 | 1 Dlink | 2 Dir820la1, Dir820la1 Firmware | 2022-08-10 | N/A | 9.8 CRITICAL |
| D-Link DIR810LA1_FW102B22 was discovered to contain a command injection vulnerability via the Ping_addr function. | |||||
| CVE-2020-28434 | 1 Gitblame Project | 1 Gitblame | 2022-08-08 | N/A | 9.8 CRITICAL |
| This affects all versions of package gitblame. The injection point is located in line 15 in lib/gitblame.js. | |||||
| CVE-2020-28437 | 1 Heroku-env Project | 1 Heroku-env | 2022-08-08 | N/A | 9.8 CRITICAL |
| This affects all versions of package heroku-env. The injection point is located in lib/get.js which is required by index.js. | |||||
| CVE-2020-28453 | 1 Npos-tesseract Project | 1 Npos-tesseract | 2022-08-08 | N/A | 9.8 CRITICAL |
| This affects all versions of package npos-tesseract. The injection point is located in line 55 in lib/ocr.js. | |||||
| CVE-2020-28433 | 1 Node-latex-pdf Project | 1 Node-latex-pdf | 2022-08-08 | N/A | 9.8 CRITICAL |
| This affects all versions of package node-latex-pdf. | |||||
| CVE-2020-28425 | 1 Curljs Project | 1 Curljs | 2022-08-08 | N/A | 9.8 CRITICAL |
| This affects all versions of package curljs. | |||||
| CVE-2022-2323 | 1 Sonicwall | 14 Sws12-10fpoe, Sws12-10fpoe Firmware, Sws12-8 and 11 more | 2022-08-08 | N/A | 8.8 HIGH |
| Improper neutralization of special elements used in a user input allows an authenticated malicious user to perform remote code execution in the host system. This vulnerability impacts SonicWall Switch 1.1.1.0-2s and earlier versions | |||||
| CVE-2020-28451 | 1 Image-tiler Project | 1 Image-tiler | 2022-08-06 | N/A | 9.8 CRITICAL |
| This affects the package image-tiler before 2.0.2. | |||||
| CVE-2020-7034 | 1 Avaya | 1 Session Border Controller For Enterprise | 2022-08-05 | 9.0 HIGH | 8.8 HIGH |
| A command injection vulnerability in Avaya Session Border Controller for Enterprise could allow an authenticated, remote attacker to send specially crafted messages and execute arbitrary commands with the affected system privileges. Affected versions of Avaya Session Border Controller for Enterprise include 7.x, 8.0 through 8.1.1.x | |||||
| CVE-2020-28423 | 1 Monorepo-build Project | 1 Monorepo-build | 2022-08-05 | N/A | 9.8 CRITICAL |
| This affects all versions of package monorepo-build. | |||||
| CVE-2020-7795 | 1 Get-npm-package-version Project | 1 Get-npm-package-version | 2022-08-05 | N/A | 9.8 CRITICAL |
| The package get-npm-package-version before 1.0.7 are vulnerable to Command Injection via main function in index.js. | |||||
| CVE-2022-29558 | 1 Realtek | 1 Rtl819x Software Development Kit | 2022-08-04 | N/A | 8.8 HIGH |
| Realtek rtl819x-SDK before v3.6.1 allows command injection over the web interface. | |||||