• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-77

CVE-2021-42890

February 23, 2023 by

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function NTPSyncWithHost of the file system.so which can control hostTime to attack.

CVE-2021-42740

February 23, 2023 by

The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.

CVE-2021-42559

February 23, 2023 by

An issue was discovered in CALDERA 2.8.1. It contains multiple startup “requirements” that execute commands when starting the server. Because these commands can be changed via the REST API, an authenticated user can insert arbitrary commands that will execute when the server is restarted.

CVE-2021-42638

February 23, 2023 by

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution.

CVE-2021-42538

February 23, 2023 by

The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input.

CVE-2021-42094

February 23, 2023 by

An issue was discovered in Zammad before 4.1.1. Command Injection can occur via custom Packages.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 74
  • Go to page 75
  • Go to page 76
  • Go to page 77
  • Go to page 78
  • Interim pages omitted …
  • Go to page 172
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE