Search
Total
349 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-41128 | 1 Hygeia Project | 1 Hygeia | 2021-10-14 | 6.5 MEDIUM | 8.8 HIGH |
| Hygeia is an application for collecting and processing personal and case data in connection with communicable diseases. In affected versions all CSV Exports (Statistics & BAG MED) contain a CSV Injection Vulnerability. Users of the system are able to submit formula as exported fields which then get executed upon ingestion of the exported file. There is no validation or sanitization of these formula fields and so malicious may construct malicious code. This vulnerability has been resolved in version 1.30.4. There are no workarounds and all users are advised to upgrade their package. | |||||
| CVE-2021-35504 | 1 Afian | 1 Filerun | 2021-10-12 | 6.5 MEDIUM | 7.2 HIGH |
| Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the ffmpeg binary. | |||||
| CVE-2021-35505 | 1 Afian | 1 Filerun | 2021-10-12 | 6.5 MEDIUM | 7.2 HIGH |
| Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the magick binary. | |||||
| CVE-2021-41390 | 1 Ericsson | 1 Enterprise Content Management | 2021-09-29 | 6.0 MEDIUM | 8.0 HIGH |
| In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection. | |||||
| CVE-2021-39213 | 1 Glpi-project | 1 Glpi | 2021-09-28 | 6.0 MEDIUM | 8.8 HIGH |
| GLPI is a free Asset and IT management software package. Starting in version 9.1 and prior to version 9.5.6, GLPI with API Rest enabled is vulnerable to API bypass with custom header injection. This issue is fixed in version 9.5.6. One may disable API Rest as a workaround. | |||||
| CVE-2021-29702 | 3 Ibm, Linux, Microsoft | 4 Aix, Db2, Linux Kernel and 1 more | 2021-09-20 | 5.0 MEDIUM | 7.5 HIGH |
| Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200658. | |||||
| CVE-2021-30653 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2021-09-17 | 6.8 MEDIUM | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-30777 | 1 Apple | 2 Mac Os X, Macos | 2021-09-17 | 9.3 HIGH | 7.8 HIGH |
| An injection issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to gain root privileges. | |||||
| CVE-2021-40143 | 1 Sonatype | 1 Nexus Repository Manager 3 | 2021-09-14 | 6.4 MEDIUM | 8.2 HIGH |
| Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request external resources from a vulnerable instance. | |||||
| CVE-2015-8800 | 1 Broadcom | 5 Symantec Critical System Protection, Symantec Data Center Security Server, Symantec Data Center Security Server And Agents and 2 more | 2021-09-09 | 4.9 MEDIUM | 7.3 HIGH |
| Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allow remote authenticated users to conduct argument-injection attacks by leveraging certain named-pipe access. | |||||
| CVE-2021-38084 | 1 Courier-mta | 1 Courier Mail Server | 2021-09-09 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the-middle attackers can pipeline commands after the POP3 STLS command, injecting plaintext commands into an encrypted user session. | |||||
| CVE-2014-5086 | 3 Sphider, Sphider-plus, Sphiderpro | 3 Sphider, Sphider-plus, Sphider Pro | 2021-09-09 | 6.5 MEDIUM | 8.8 HIGH |
| A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only, but don’t exist in Sphider. | |||||
| CVE-2021-36022 | 1 Adobe | 2 Adobe Commerce, Magento Open Source | 2021-09-08 | 6.5 MEDIUM | 7.2 HIGH |
| Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution. | |||||
| CVE-2021-38371 | 1 Exim | 1 Exim | 2021-08-20 | 5.0 MEDIUM | 7.5 HIGH |
| The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending. | |||||
| CVE-2021-38290 | 1 Thedaylightstudio | 1 Fuel Cms | 2021-08-17 | 6.8 MEDIUM | 8.1 HIGH |
| A host header attack vulnerability exists in FUEL CMS 1.5.0 through fuel/modules/fuel/config/fuel_constants.php and fuel/modules/fuel/libraries/Asset.php. An attacker can use a man in the middle attack such as phishing. | |||||
| CVE-2014-5084 | 1 Sphiderpro | 1 Sphider Pro | 2021-08-16 | 6.5 MEDIUM | 8.8 HIGH |
| A Command Execution vulnerability exists in Sphider Pro 3.2 due to insufficient sanitization of fwrite, which could let a remote malicious user execute arbitrary code. CVE-2014-5084 pertains to instances of fwrite in Sphider Pro only, but do not exist in either Sphider or Sphider Plus. | |||||
| CVE-2021-35450 | 1 Entando | 1 Admin Console | 2021-08-10 | 9.0 HIGH | 7.2 HIGH |
| A Server Side Template Injection in the Entando Admin Console 6.3.9 and before allows a user with privileges to execute FreeMarker template with command execution via freemarker.template.utility.Execute | |||||
| CVE-2020-9017 | 1 Litecart | 1 Litecart | 2021-07-21 | 6.0 MEDIUM | 8.0 HIGH |
| LiteCart through 2.2.1 allows CSV injection via a customer's profile. | |||||
| CVE-2020-7694 | 1 Encode | 1 Uvicorn | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package uvicorn. The request logger provided by the package is vulnerable to ASNI escape sequence injection. Whenever any HTTP request is received, the default behaviour of uvicorn is to log its details to either the console or a log file. When attackers request crafted URLs with percent-encoded escape sequences, the logging component will log the URL after it's been processed with urllib.parse.unquote, therefore converting any percent-encoded characters into their single-character equivalent, which can have special meaning in terminal emulators. By requesting URLs with crafted paths, attackers can: * Pollute uvicorn's access logs, therefore jeopardising the integrity of such files. * Use ANSI sequence codes to attempt to interact with the terminal emulator that's displaying the logs (either in real time or from a file). | |||||
| CVE-2020-7613 | 1 Clamscan Project | 1 Clamscan | 2021-07-21 | 6.8 MEDIUM | 8.1 HIGH |
| clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the `_is_clamav_binary` function located within `Index.js`. It should be noted that this vulnerability requires a pre-requisite that a folder should be created with the same command that will be chained to execute. This lowers the risk of this issue. | |||||
| CVE-2020-9428 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Leap and 1 more | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing. | |||||
| CVE-2019-20773 | 1 Google | 1 Android | 2021-07-21 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. Unprivileged applications can execute shell commands via the connectivity service. The LG ID is LVE-SMP-190008 (August 2019). | |||||
| CVE-2020-8801 | 1 Salesagility | 1 Suitecrm | 2021-07-21 | 6.5 MEDIUM | 7.2 HIGH |
| SuiteCRM through 7.11.11 allows PHAR Deserialization. | |||||
| CVE-2020-13247 | 1 Boolebox | 1 Boolebox | 2021-07-21 | 8.5 HIGH | 7.3 HIGH |
| BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area. | |||||
| CVE-2020-12817 | 1 Fortinet | 2 Fortianalyzer, Fortitester | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| An improper neutralization of input vulnerability in FortiAnalyzer before 6.4.1 and 6.2.5 may allow a remote authenticated attacker to inject script related HTML tags via Name parameter of Storage Connectors. | |||||
| CVE-2020-35938 | 1 Pickplugins | 2 Post Grid, Team Showcase | 2021-07-21 | 6.0 MEDIUM | 8.8 HIGH |
| PHP Object injection vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action must be set to post_grid_import_xml_layouts. | |||||
| CVE-2020-5593 | 1 Zenphoto | 1 Zenphoto | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| Zenphoto versions prior to 1.5.7 allows an attacker to conduct PHP code injection attacks by leading a user to upload a specially crafted .zip file. | |||||
| CVE-2020-15816 | 1 Westerndigital | 1 Wd Discovery | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| In Western Digital WD Discovery before 4.0.251.0, a malicious application running with standard user permissions could potentially execute code in the application's process through library injection by using DYLD environment variables. | |||||
| CVE-2020-35754 | 1 Opensolution | 2 Quick.cart, Quick.cms | 2021-07-21 | 6.5 MEDIUM | 7.2 HIGH |
| OpenSolution Quick.CMS < 6.7 and Quick.Cart < 6.7 allow an authenticated user to perform code injection (and consequently Remote Code Execution) via the input fields of the Language tab. | |||||
| CVE-2019-20680 | 1 Netgear | 38 D7000, D7000 Firmware, R6220 and 35 more | 2021-07-21 | 5.2 MEDIUM | 8.0 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7000v2 before 1.0.0.53, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.46, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.32. | |||||
| CVE-2020-27687 | 1 Thingsboard | 1 Thingsboard | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| ThingsBoard before v3.2 is vulnerable to Host header injection in password-reset emails. This allows an attacker to send malicious links in password-reset emails to victims, pointing to an attacker-controlled server. Lack of validation of the Host header allows this to happen. | |||||
| CVE-2020-5604 | 1 Mercari | 1 Mercari | 2021-07-21 | 6.8 MEDIUM | 8.1 HIGH |
| Android App 'Mercari' (Japan version) prior to version 3.52.0 allows arbitrary method execution of a Java object by a remote attacker via a Man-In-The-Middle attack by using Java Reflection API of JavaScript code on WebView. | |||||
| CVE-2020-12478 | 1 Teampass | 1 Teampass | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve files from the TeamPass web root. This may include backups or LDAP debug files. | |||||
| CVE-2020-35226 | 1 Netgear | 4 Gs116e, Gs116e Firmware, Jgs516pe and 1 more | 2021-07-21 | 4.8 MEDIUM | 7.1 HIGH |
| NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allow unauthenticated users to modify the switch DHCP configuration by sending the corresponding write request command. | |||||
| CVE-2020-4432 | 1 Ibm | 10 Aspera Application Platform On Demand, Aspera Faspex On Demand, Aspera High-speed Transfer Endpoint and 7 more | 2021-07-21 | 6.0 MEDIUM | 7.5 HIGH |
| Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API. IBM X-Force ID: 180810. | |||||
| CVE-2020-6811 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6. | |||||
| CVE-2020-13826 | 1 I-doit | 1 I-doit | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| A CSV injection (aka Excel Macro Injection or Formula Injection) issue in i-doit 1.14.2 allows an attacker to execute arbitrary commands via a Title parameter that is mishandled in a CSV export. | |||||
| CVE-2020-6262 | 1 Sap | 1 Application Server | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| Service Data Download in SAP Application Server ABAP (ST-PI, before versions 2008_1_46C, 2008_1_620, 2008_1_640, 2008_1_700, 2008_1_710, 740) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application and the whole ABAP system leading to Code Injection. | |||||
| CVE-2020-22275 | 1 Easyregistrationforms | 1 Easy Registration Forms | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Easy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an attacker to submit an entry with malicious CSV commands. After that, when the system administrator generates CSV output from the forms information, there is no check on this inputs and the codes are executable. | |||||
| CVE-2020-1022 | 1 Microsoft | 2 Dynamics 365 Business Central, Dynamics Nav | 2021-07-21 | 6.0 MEDIUM | 8.0 HIGH |
| A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'. | |||||
| CVE-2020-1811 | 1 Huawei | 1 Gaussdb 200 | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| GaussDB 200 with version of 6.5.1 have a command injection vulnerability. Due to insufficient input validation, remote attackers with low permissions could exploit this vulnerability by sending crafted commands to the affected device. Successful exploit could allow an attacker to execute commands. | |||||
| CVE-2020-5601 | 1 Nta | 1 E-tax Reception System | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Chrome Extension for e-Tax Reception System Ver1.0.0.0 allows remote attackers to execute an arbitrary command via unspecified vectors. | |||||
| CVE-2020-35734 | 1 Batflat | 1 Batflat | 2021-07-21 | 6.5 MEDIUM | 7.2 HIGH |
| ** UNSUPPORTED WHEN ASSIGNED ** Sruu.pl in Batflat 1.3.6 allows an authenticated user to perform code injection (and consequently Remote Code Execution) via the input fields of the Users tab. To exploit this, one must login to the administration panel and edit an arbitrary user's data (username, displayed name, etc.). NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2020-6581 | 2 Fedoraproject, Nagios | 2 Fedora, Remote Plug In Executor | 2021-07-21 | 3.7 LOW | 7.3 HIGH |
| Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as the character \ and the character n (not as the \n newline sequence). This can cause command injection. | |||||
| CVE-2020-5821 | 1 Symantec | 1 Endpoint Protection | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit. | |||||
| CVE-2020-6243 | 1 Sap | 1 Adaptive Server Enterprise | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| Under certain conditions, SAP Adaptive Server Enterprise (XP Server on Windows Platform), versions 15.7, 16.0, does not perform the necessary checks for an authenticated user while executing the extended stored procedure, allowing an attacker to read, modify, delete restricted data on connected servers, leading to Code Injection. | |||||
| CVE-2020-1790 | 1 Huawei | 1 Gaussdb 200 | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| GaussDB 200 with version of 6.5.1 have a command injection vulnerability. The software constructs part of a command using external input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands. | |||||
| CVE-2020-13445 | 1 Liferay | 1 Liferay Portal | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| In Liferay Portal before 7.3.2 and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 6, the template API does not restrict user access to sensitive objects, which allows remote authenticated users to execute arbitrary code via crafted FreeMarker and Velocity templates. | |||||
| CVE-2020-11766 | 2 Avantfax, Ifax | 2 Avantfax, Hylafax | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise Web Interface before 0.2.5 allows authenticated Command Injection. | |||||
| CVE-2020-7982 | 1 Openwrt | 2 Lede, Openwrt | 2021-07-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in OpenWrt 18.06.0 to 18.06.6 and 19.07.0, and LEDE 17.01.0 to 17.01.7. A bug in the fork of the opkg package manager before 2020-01-25 prevents correct parsing of embedded checksums in the signed repository index, allowing a man-in-the-middle attacker to inject arbitrary package payloads (which are installed without verification). | |||||