Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) — Vulnerability Class 1153

1153 vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-1417 Local Code Injection Vulnerability in AuthPoint Password Manager App for macOS Safari — AuthPoint Password Manager 7.8 High2024-05-16
CVE-2024-4999 Ligowave Unity/Pro/Mimo/APC Arbitrary Command Injection — UNITY 8.8AIHighAI2024-05-16
CVE-2024-2366 Remote Code Execution in parisneo/lollms-webui — parisneo/lollms-webui 9.8AICriticalAI2024-05-16
CVE-2024-4078 Arbitrary Code Execution in parisneo/lollms — parisneo/lollms 9.8AICriticalAI2024-05-16
CVE-2024-34713 sshproxy vulnerable to SSH option injection — sshproxy 3.5 Low2024-05-14
CVE-2024-31485 Siemens 多款产品 命令注入漏洞 — CPCI85 Central Processing/Communication 7.2 High2024-05-14
CVE-2024-28136 PHOENIX CONTACT: command injection gains root privileges using the OCPP remote service — CHARX SEC-3000 7.8 High2024-05-14
CVE-2024-28135 PHOENIX CONTACT: command injection vulnerability in the API of the CHARX Series — CHARX SEC-3000 5.0 Medium2024-05-14
CVE-2024-4712 Arbitrary File Creation in PaperCut NG/MF Web Print Image Handler — PaperCut NG, PaperCut MF 7.8 High2024-05-14
CVE-2024-29895 Cacti command injection in cmd_realtime.php — cacti 10.0 Critical2024-05-13
CVE-2024-34352 Arbitrary file write vulnerability in 1Panel — 1Panel 6.5 Medium2024-05-09
CVE-2024-34347 @hoppscotch/cli affected by Sandbox Escape in @hoppscotch/js-sandbox leads to RCE — hoppscotch 8.4 High2024-05-08
CVE-2023-1000 cyanomiko dcnnt-py Notification notifications.py main command injection — dcnnt-py 6.3 Medium2024-04-27
CVE-2024-32884 gix-transport indirect code execution via malicious username — gitoxide 6.4 Medium2024-04-26
CVE-2024-32766 QTS, QuTS hero, QuTScloud — QTS 10.0 Critical2024-04-26
CVE-2024-3154 Cri-o: arbitrary command injection via pod annotation 7.2 High2024-04-26
CVE-2023-40146 Peplink Smart Reader 命令注入漏洞 — Smart Reader 6.8 Medium2024-04-17
CVE-2024-3908 Tenda AC500 WriteFacMac formWriteFacMac command injection — AC500 6.3 Medium2024-04-17
CVE-2024-32022 Kohya_ss is vulnerable to a command injection in basic_caption_gui.py (GHSL-2024-019) — kohya_ss 9.1 Critical2024-04-16
CVE-2024-32027 Kohya_ss is vulnerable to a command injection in `finetune_gui.py` (`GHSL-2024-022`) — kohya_ss 9.1 Critical2024-04-16
CVE-2024-32026 Kohya_ss is vulnerable to a command injection in `git_caption_gui.py` (`GHSL-2024-020`) — kohya_ss 9.1 Critical2024-04-16
CVE-2024-32025 Kohya_ss is vulnerable to a command injection in `group_images_gui.py` (`GHSL-2024-021`) — kohya_ss 9.1 Critical2024-04-16
CVE-2024-3871 Authenticated Remote Command Injection in Delta Electronics DVW — DVW-W02W2-E2 9.8 Critical2024-04-16
CVE-2024-3271 Command Injection in run-llama/llama_index — run-llama/llama_index 9.8 -2024-04-16
CVE-2024-30220 Planex MZK-MF300N 安全漏洞 — MZK-MF300N 8.8 High2024-04-15
CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect — PAN-OS 10.0 Critical2024-04-12
CVE-2023-6999 Pods - Custom Content Types and Fields - Authenticated (Contributor+) Remote Code Execution — Pods – Custom Content Types and Fields 8.8 High2024-04-09
CVE-2024-21322 Microsoft Defender for IoT Remote Code Execution Vulnerability — Microsoft Defender for IoT 7.2 High2024-04-09
CVE-2024-3273 D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection — DNS-320L 7.3 High2024-04-04
CVE-2024-2947 Cockpit: command injection when deleting a sosreport with a crafted name 7.3 High2024-03-28

Vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) represent 1153 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.