2399 matches found
EUVD-2026-23406
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of special elements used in an OS command injection vulnerability. A high privileged attacker...
CVE-2026-35074
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of special elements used in an OS Command Injection vulnerability. A high privileged attacker...
CVE-2026-35153
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of argument delimiters in a command 'argument injection' vulnerability. A high privileged...
ROS-20260417-73-0038
Vulnerability in zabbix7.2 is related to failure to take measures to neutralize special elements used in operating system commands. Exploitation of the vulnerability may allow an attacker acting remotely to execute arbitrary commands...
Improper Neutralization
Overview Affected versions of this package are vulnerable to Improper Neutralization due to the serviceAccountRegex matcher in pilot/pkg/security/authz/model/generator.go. An attacker can gain access to workloads protected by AuthorizationPolicy rules by presenting a SPIFFE identity whose namespa...
CVE-2026-32176
Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges locally...
CVE-2026-32183
Improper neutralization of special elements used in a command 'command injection' in Windows Snipping Tool allows an unauthorized attacker to execute code locally...
EUVD-2025-209485
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WC Lovers WCFM Marketplace allows SQL Injection.This issue affects WCFM Marketplace: from n/a through 3.7.1...
PT-2026-33046
Name of the Vulnerable Software and Affected Versions Beaver Builder versions prior to 2.10.1.3 Description Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. Blind SQL Injection is a type of attack where the application does not return data directl...
EUVD-2026-22562
Microsoft Security Advisory CVE-2026-32178 – .NET Spoofing Vulnerability...
EUVD-2026-22564
Improper neutralization of special elements used in a command 'command injection' in Windows Snipping Tool allows an unauthorized attacker to execute code locally...
EUVD-2026-22348
A improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via...
CVE-2026-32178
Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-32178
Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-32178
Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network...
.NET Spoofing Vulnerability
Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network...
SQL Server Elevation of Privilege Vulnerability
Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges locally...
Windows Snipping Tool Remote Code Execution Vulnerability
Improper neutralization of special elements used in a command 'command injection' in Windows Snipping Tool allows an unauthorized attacker to execute code locally...
Microsoft Power Apps Desktop Client Spoofing Vulnerability
Improper neutralization of escape, meta, or control sequences in Microsoft Power Apps allows an authorized attacker to perform spoofing over a network...
PT-2026-32687
Name of the Vulnerable Software and Affected Versions FortiSandbox versions 4.4.0 through 4.4.8 Description An OS command injection issue exists in the JRPC API of FortiSandbox due to improper neutralization of the pipe symbol | when processing the jid parameter. This flaw allows an unauthenticat...