Search
Total
35 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6269 | 1 Atos | 3 Unify Openscape Bcf, Unify Openscape Branch, Unify Openscape Session Border Controller | 2023-12-13 | N/A | 9.8 CRITICAL |
| An argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products "Session Border Controller" (SBC) and "Branch", before version V10 R3.4.0, and OpenScape "BCF" before versions V10R10.12.00 and V10R11.05.02. This allows an unauthenticated attacker to gain root access to the appliance via SSH (scope change) and also bypass authentication for the administrative interface and gain access as an arbitrary (administrative) user. | |||||
| CVE-2022-23221 | 3 Debian, H2database, Oracle | 3 Debian Linux, H2, Communications Cloud Native Core Console | 2023-08-18 | 10.0 HIGH | 9.8 CRITICAL |
| H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392. | |||||
| CVE-2023-33376 | 1 Connectedio | 1 Connected Io | 2023-08-08 | N/A | 9.8 CRITICAL |
| Connected IO v2.1.0 and prior has an argument injection vulnerability in its iptables command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices. | |||||
| CVE-2023-33378 | 1 Connectedio | 1 Connected Io | 2023-08-08 | N/A | 9.8 CRITICAL |
| Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices. | |||||
| CVE-2022-24376 | 1 Git-promise Project | 1 Git-promise | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package git-promise are vulnerable to Command Injection due to an inappropriate fix of a prior [vulnerability](https://security.snyk.io/vuln/SNYK-JS-GITPROMISE-567476) in this package. **Note:** Please note that the vulnerability will not be fixed. The README file was updated with a warning regarding this issue. | |||||
| CVE-2022-25900 | 1 Git-clone Project | 1 Git-clone | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| All versions of package git-clone are vulnerable to Command Injection due to insecure usage of the --upload-pack feature of git. | |||||
| CVE-2022-25865 | 1 Microsoft | 1 Workspace-tools | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| The package workspace-tools before 0.18.4 are vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranch(remote: string, remoteBranch: string, cwd: string) function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection. | |||||
| CVE-2022-25866 | 1 Git-php Project | 1 Git-php | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| The package czproject/git-php before 4.0.3 are vulnerable to Command Injection via git argument injection. When calling the isRemoteUrlReadable($url, array $refs = NULL) function, both the url and refs parameters are passed to the git ls-remote subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection. | |||||
| CVE-2022-24433 | 1 Simple-git Project | 1 Simple-git | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| The package simple-git before 3.3.0 are vulnerable to Command Injection via argument injection. When calling the .fetch(remote, branch, handlerFn) function, both the remote and branch parameters are passed to the git fetch subcommand. By injecting some git options it was possible to get arbitrary command execution. | |||||
| CVE-2022-21187 | 1 Libvcs Project | 1 Libvcs | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| The package libvcs before 0.11.1 are vulnerable to Command Injection via argument injection. When calling the update_repo function (when using hg), the url parameter is passed to the hg clone command. By injecting some hg options it was possible to get arbitrary command execution. | |||||
| CVE-2022-24066 | 1 Simple-git Project | 1 Simple-git | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| The package simple-git before 3.5.0 are vulnerable to Command Injection due to an incomplete fix of [CVE-2022-24433](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-2421199) which only patches against the git fetch attack vector. A similar use of the --upload-pack feature of git is also supported for git clone, which the prior fix didn't cover. | |||||
| CVE-2022-24437 | 1 Git-pull-or-clone Project | 1 Git-pull-or-clone | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| The package git-pull-or-clone before 2.0.2 are vulnerable to Command Injection due to the use of the --upload-pack feature of git which is also supported for git clone. The source includes the use of the secure child process API spawn(). However, the outpath parameter passed to it may be a command-line argument to the git clone command and result in arbitrary command injection. | |||||
| CVE-2021-33473 | 1 Dragonfly Project | 1 Dragonfly | 2022-07-15 | 4.9 MEDIUM | 9.1 CRITICAL |
| An argument injection vulnerability in Dragonfly Ruby Gem v1.3.0 allows attackers to read and write arbitrary files when the verify_url option is disabled. This vulnerability is exploited via a crafted URL. | |||||
| CVE-2021-37040 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 6.8 MEDIUM | 9.8 CRITICAL |
| There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting. | |||||
| CVE-2022-30284 | 1 Python-libnmap Project | 1 Python-libnmap | 2022-06-02 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** In the python-libnmap package through 0.7.2 for Python, remote command execution can occur (if used in a client application that does not validate arguments). NOTE: the vendor believes it would be unrealistic for an application to call NmapProcess with arguments taken from input data that arrived over an untrusted network, and thus the CVSS score corresponds to an unrealistic use case. None of the NmapProcess documentation implies that this is an expected use case. | |||||
| CVE-2022-25648 | 1 Git | 1 Git | 2022-06-02 | 7.5 HIGH | 9.8 CRITICAL |
| The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection. | |||||
| CVE-2021-26937 | 3 Debian, Fedoraproject, Gnu | 3 Debian Linux, Fedora, Screen | 2022-05-06 | 7.5 HIGH | 9.8 CRITICAL |
| encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence. | |||||
| CVE-2020-28490 | 1 Async-git Project | 1 Async-git | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| The package async-git before 1.13.2 are vulnerable to Command Injection via shell meta-characters (back-ticks). For example: git.reset('atouch HACKEDb') | |||||
| CVE-2020-25494 | 1 Xinuos | 1 Openserver | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook. | |||||
| CVE-2019-10746 | 1 Mixin-deep Project | 1 Mixin-deep | 2021-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload. | |||||
| CVE-2021-33564 | 1 Dragonfly Project | 1 Dragonfly | 2021-06-10 | 6.8 MEDIUM | 9.8 CRITICAL |
| An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. This may lead to code execution. The problem occurs because the generate and process features mishandle use of the ImageMagick convert utility. | |||||
| CVE-2021-31909 | 1 Jetbrains | 1 Teamcity | 2021-05-14 | 7.5 HIGH | 9.8 CRITICAL |
| In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible. | |||||
| CVE-2021-21386 | 1 Apkleaks Project | 1 Apkleaks | 2021-03-27 | 10.0 HIGH | 9.8 CRITICAL |
| APKLeaks is an open-source project for scanning APK file for URIs, endpoints & secrets. APKLeaks prior to v2.0.3 allows remote attackers to execute arbitrary OS commands via package name inside application manifest. An attacker could include arguments that allow unintended commands or code to be executed, allow sensitive data to be read or modified or could cause other unintended behavior through malicious package name. The problem is fixed in version v2.0.6-dev and above. | |||||
| CVE-2021-24030 | 1 Facebook | 1 Gameroom | 2021-03-16 | 7.5 HIGH | 9.8 CRITICAL |
| The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote arguments passed to the executable. That allows a malicious URL to cause code execution. This issue affects versions prior to v1.26.0. | |||||
| CVE-2020-21224 | 1 Inspur | 1 Clusterengine | 2021-02-26 | 10.0 HIGH | 9.8 CRITICAL |
| A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0. A remote attacker can send a malicious login packet to the control server | |||||
| CVE-2020-15692 | 1 Nim-lang | 1 Nim | 2021-02-08 | 10.0 HIGH | 9.8 CRITICAL |
| In Nim 1.2.4, the standard library browsers mishandles the URL argument to browsers.openDefaultBrowser. This argument can be a local file path that will be opened in the default explorer. An attacker can pass one argument to the underlying open command to execute arbitrary registered system commands. | |||||
| CVE-2020-5648 | 1 Mitsubishielectric | 6 Coreos, Gt1450-qlbde, Gt1450-qmbde and 3 more | 2020-11-20 | 6.5 MEDIUM | 9.8 CRITICAL |
| Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS version "05.65.00.BD" and earlier, and GT1450HS-QMBDE CoreOS version "05.65.00.BD" and earlier) allows unauthenticated attackers on adjacent network to stop the network functions of the products via a specially crafted packet. | |||||
| CVE-2018-10992 | 1 Lilypond | 1 Lilypond | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument, because the GNU Guile code uses the system Scheme procedure instead of the system* Scheme procedure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-17523. | |||||
| CVE-2019-12148 | 1 Sangoma | 2 Session Border Controller, Session Border Controller Firmware | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to an authentication bypass via an argument injection vulnerability involving special characters in the username field. Upon successful exploitation, a remote unauthenticated user can login into the device's admin web portal without providing any credentials. This affects /var/webconfig/gui/Webconfig.inc.php. | |||||
| CVE-2019-12147 | 1 Sangoma | 2 Session Border Controller, Session Border Controller Firmware | 2020-08-24 | 5.0 MEDIUM | 9.8 CRITICAL |
| The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to Argument Injection via special characters in the username field. Upon successful exploitation, a remote unauthenticated user can create a local system user with sudo privileges, and use that user to login to the system (either via the web interface or via SSH) to achieve complete compromise of the device. This affects /var/webconfig/gui/Webconfig.inc.php and /usr/local/sng/bin/sng-user-mgmt. | |||||
| CVE-2018-17456 | 4 Canonical, Debian, Git-scm and 1 more | 11 Ubuntu Linux, Debian Linux, Git and 8 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character. | |||||
| CVE-2020-7808 | 2 Microsoft, Raonwiz | 4 Windows 10, Windows 7, Windows 8.0 and 1 more | 2020-05-22 | 7.5 HIGH | 9.8 CRITICAL |
| In RAONWIZ K Upload v2018.0.2.51 and prior, automatic update processing without integrity check on update module(web.js) allows an attacker to modify arguments which causes downloading a random DLL and injection on it. | |||||
| CVE-2018-13385 | 1 Atlassian | 1 Sourcetree | 2020-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| There was an argument injection vulnerability in Sourcetree for macOS via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. Versions of Sourcetree for macOS from 1.0b2 before 2.7.6 are affected by this vulnerability. | |||||
| CVE-2018-3856 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2019-10-03 | 9.0 HIGH | 9.9 CRITICAL |
| An exploitable vulnerability exists in the smart cameras RTSP configuration of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The device incorrectly handles spaces in the URL field, leading to an arbitrary operating system command injection. An attacker can send a series of HTTP requests to trigger this vulnerability. | |||||
| CVE-2017-14591 | 1 Atlassian | 2 Crucible, Fisheye | 2017-12-20 | 9.3 HIGH | 9.0 CRITICAL |
| Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4.5.0 are vulnerable to argument injection through filenames in Mercurial repositories, allowing attackers to execute arbitrary code on a system running the impacted software. | |||||