Vulnerabilities (CVE)

Filtered by CWE-77
Total 3381 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-38521 1 Netgear 10 R6400, R6400 Firmware, R7900p and 7 more 2026-06-17 6.5 MEDIUM 6.1 MEDIUM
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6400 before 1.0.1.50, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX75 before 1.0.1.62, and RAX80 before 1.0.1.62.
CVE-2021-38520 1 Netgear 8 R6400, R6400 Firmware, R6700 and 5 more 2026-06-17 6.5 MEDIUM 6.6 MEDIUM
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6400 before 1.0.1.52, R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6700v2 before 1.2.0.62, R6900v2 before 1.2.0.62, and R7000P before 1.3.2.124.
CVE-2021-38519 1 Netgear 27 R6250, R6250 Firmware, R6300 and 24 more 2026-06-17 6.5 MEDIUM 6.3 MEDIUM
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6250 before 1.0.4.36, R6300v2 before 1.0.4.36, R6400 before 1.0.1.50, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.8, R6900 before 1.0.2.8, R7000 before 1.0.9.88, R6900P before 1.3.2.132, R7100LG before 1.0.0.52, R7900 before 1.0.3.10, R8000 before 1.0.4.46, R7900P before 1.4.1.50, R8000P before 1.4.1.50, and RAX80 before 1.0.1.40.
CVE-2021-38518 1 Netgear 12 Rax200, Rax200 Firmware, Rax75 and 9 more 2026-06-17 6.5 MEDIUM 8.4 HIGH
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
CVE-2021-38373 1 Kde 1 Kmail 2026-06-17 3.5 LOW 5.3 MEDIUM
In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked.
CVE-2021-38372 1 Kde 1 Trojita 2026-06-17 4.3 MEDIUM 3.7 LOW
In KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS.
CVE-2021-38370 1 Alpine Project 1 Alpine 2026-06-17 4.3 MEDIUM 5.9 MEDIUM
In Alpine before 2.25, untagged responses from an IMAP server are accepted before STARTTLS.
CVE-2021-38189 1 Lettre 1 Lettre 2026-06-17 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the lettre crate before 0.9.6 for Rust. In an e-mail message body, an attacker can place a . character after two <CR><LF> sequences and then inject arbitrary SMTP commands.
CVE-2021-38173 3 Debian, Digint, Fedoraproject 3 Debian Linux, Btrbk, Fedora 2026-06-17 7.5 HIGH 9.8 CRITICAL
Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys.
CVE-2021-38169 1 Roxy-wi 1 Roxy-wi 2026-06-17 6.5 MEDIUM 8.8 HIGH
Roxy-WI through 5.2.2.0 allows command injection via /app/funct.py and /api/api_funct.py.
CVE-2021-38124 1 Microfocus 1 Arcsight Enterprise Security Manager 2026-06-17 7.5 HIGH 9.8 CRITICAL
Remote Code Execution vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, affecting versions 7.0.2 through 7.5. The vulnerability could be exploited resulting in remote code execution.
CVE-2021-38120 1 Microfocus 1 Netiq Advanced Authentication 2026-06-17 N/A 5.1 MEDIUM
A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1.
CVE-2021-38117 1 Microfocus 1 Imanager 2026-06-17 N/A 8.8 HIGH
Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.
CVE-2021-38116 1 Microfocus 1 Imanager 2026-06-17 N/A 8.8 HIGH
Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager. This impacts all versions before 3.2.5
CVE-2021-37739 1 Arubanetworks 1 Clearpass Policy Manager 2026-06-17 9.0 HIGH 7.2 HIGH
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.
CVE-2021-37724 2 Arubanetworks, Siemens 3 Arubaos, Scalance W1750d, Scalance W1750d Firmware 2026-06-17 9.0 HIGH 7.2 HIGH
A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.16. Aruba has released patches for ArubaOS that address this security vulnerability.
CVE-2021-37723 2 Arubanetworks, Siemens 3 Arubaos, Scalance W1750d, Scalance W1750d Firmware 2026-06-17 9.0 HIGH 7.2 HIGH
A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.16. Aruba has released patches for ArubaOS that address this security vulnerability.
CVE-2021-37722 2 Arubanetworks, Siemens 4 Arubaos, Sd-wan, Scalance W1750d and 1 more 2026-06-17 9.0 HIGH 7.2 HIGH
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.
CVE-2021-37721 2 Arubanetworks, Siemens 4 Arubaos, Sd-wan, Scalance W1750d and 1 more 2026-06-17 9.0 HIGH 7.2 HIGH
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.
CVE-2021-37720 2 Arubanetworks, Siemens 4 Arubaos, Sd-wan, Scalance W1750d and 1 more 2026-06-17 9.0 HIGH 7.2 HIGH
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.