Search
Total
1192 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-21433 | 1 Demon1a | 1 Discord-recon | 2024-01-12 | 6.5 MEDIUM | 8.8 HIGH |
| Discord Recon Server is a bot that allows you to do your reconnaissance process from your Discord. Remote code execution in version 0.0.1 would allow remote users to execute commands on the server resulting in serious issues. This flaw is patched in 0.0.2. | |||||
| CVE-2023-29048 | 1 Open-xchange | 1 Ox App Suite | 2024-01-12 | N/A | 8.8 HIGH |
| A component for parsing OXMF templates could be abused to execute arbitrary system commands that would be executed as the non-privileged runtime user. Users and attackers could run system commands with limited privilege to gain unauthorized access to confidential information and potentially violate integrity by modifying resources. The template engine has been reconfigured to deny execution of harmful commands on a system level. No publicly available exploits are known. | |||||
| CVE-2023-35960 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy decompression in `vcd_main`. | |||||
| CVE-2023-35962 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2vzt` utility. | |||||
| CVE-2023-35959 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns `.ghw` decompression. | |||||
| CVE-2023-35961 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in `vcd_recorder_main`. | |||||
| CVE-2023-35963 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt2` utility. | |||||
| CVE-2023-35964 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt` utility. | |||||
| CVE-2023-39294 | 1 Qnap | 2 Qts, Quts Hero | 2024-01-11 | N/A | 7.2 HIGH |
| An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later | |||||
| CVE-2023-47560 | 1 Qnap | 1 Qumagie | 2024-01-11 | N/A | 8.8 HIGH |
| An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QuMagie 2.2.1 and later | |||||
| CVE-2023-41289 | 1 Qnap | 1 Qcalagent | 2024-01-10 | N/A | 8.8 HIGH |
| An OS command injection vulnerability has been reported to affect QcalAgent. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QcalAgent 1.1.8 and later | |||||
| CVE-2023-41288 | 1 Qnap | 1 Video Station | 2024-01-10 | N/A | 8.8 HIGH |
| An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later | |||||
| CVE-2023-50094 | 1 Yogeshojha | 1 Rengine | 2024-01-09 | N/A | 8.8 HIGH |
| reNgine through 2.0.2 allows OS Command Injection if an adversary has a valid session ID. The attack places shell metacharacters in an api/tools/waf_detector/?url= string. The commands are executed as root via subprocess.check_output. | |||||
| CVE-2023-4464 | 1 Poly | 8 Ccx 400, Ccx 400 Firmware, Ccx 600 and 5 more | 2024-01-09 | N/A | 7.2 HIGH |
| A vulnerability, which was classified as critical, has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX 250, VVX 300, VVX 301, VVX 310, VVX 311, VVX 350, VVX 400, VVX 401, VVX 410, VVX 411, VVX 450, VVX 500, VVX 501, VVX 600 and VVX 601. This issue affects some unknown processing of the component Diagnostic Telnet Mode. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The identifier VDB-249257 was assigned to this vulnerability. | |||||
| CVE-2023-7093 | 1 Kylinos | 1 Kylin-system-updater | 2024-01-05 | N/A | 7.8 HIGH |
| A vulnerability classified as critical has been found in KylinSoft kylin-system-updater up to 2.0.5.16-0k2.33. Affected is an unknown function of the file /usr/share/kylin-system-updater/SystemUpdater/UpgradeStrategiesDbus.py of the component com.kylin.systemupgrade Service. The manipulation of the argument SetDownloadspeedMax leads to os command injection. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248940. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-24805 | 3 Debian, Fedoraproject, Linuxfoundation | 3 Debian Linux, Fedora, Cups-filters | 2024-01-05 | N/A | 8.8 HIGH |
| cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vulnerability can cause remote code execution. `beh.c` contains the line `retval = system(cmdline) >> 8;` which calls the `system` command with the operand `cmdline`. `cmdline` contains multiple user controlled, unsanitized values. As a result an attacker with network access to the hosted print server can exploit this vulnerability to inject system commands which are executed in the context of the running server. This issue has been addressed in commit `8f2740357` and is expected to be bundled in the next release. Users are advised to upgrade when possible and to restrict access to network printers in the meantime. | |||||
| CVE-2023-50445 | 1 Gl-inet | 24 Gl-a1300, Gl-a1300 Firmware, Gl-ar300m and 21 more | 2024-01-05 | N/A | 7.8 HIGH |
| Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the get_system_log and get_crash_log functions of the logread module, as well as the upgrade_online function of the upgrade module. | |||||
| CVE-2021-31799 | 3 Debian, Oracle, Ruby-lang | 4 Debian Linux, Jd Edwards Enterpriseone Tools, Rdoc and 1 more | 2024-01-05 | 4.4 MEDIUM | 7.0 HIGH |
| In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename. | |||||
| CVE-2022-39818 | 1 Nokia | 1 Network Functions Manager For Transport | 2024-01-03 | N/A | 8.8 HIGH |
| In NOKIA NFM-T R19.9, an OS Command Injection vulnerability occurs in /cgi-bin/R19.9/log.pl of the VM Manager WebUI via the cmd HTTP GET parameter. This allows authenticated users to execute commands, with root privileges, on the operating system. | |||||
| CVE-2020-17010 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2023-50466 | 1 Weintek | 2 Cmt2078x, Cmt2078x Firmware | 2023-12-29 | N/A | 8.8 HIGH |
| An authenticated command injection vulnerability in Weintek cMT2078X easyweb Web Version v2.1.3, OS v20220215 allows attackers to execute arbitrary code or access sensitive information via injecting a crafted payload into the HMI Name parameter. | |||||
| CVE-2023-7002 | 1 Backupbliss | 1 Backup Migration | 2023-12-29 | N/A | 7.2 HIGH |
| The Backup Migration plugin for WordPress is vulnerable to OS Command Injection in all versions up to, and including, 1.3.9 via the 'url' parameter. This vulnerability allows authenticated attackers, with administrator-level permissions and above, to execute arbitrary commands on the host operating system. | |||||
| CVE-2023-44277 | 1 Dell | 12 Apex Protection Storage, Dd3300, Dd6400 and 9 more | 2023-12-27 | N/A | 7.8 HIGH |
| Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in the CLI. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker. | |||||
| CVE-2023-48667 | 1 Dell | 12 Apex Protection Storage, Dd3300, Dd6400 and 9 more | 2023-12-27 | N/A | 7.2 HIGH |
| Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS to bypass security restriction. Exploitation may lead to a system take over by an attacker. | |||||
| CVE-2023-49897 | 1 Fxc | 4 Ae1021, Ae1021 Firmware, Ae1021pe and 1 more | 2023-12-22 | N/A | 8.8 HIGH |
| An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product. | |||||
| CVE-2023-47565 | 1 Qnap | 1 Qvr Firmware | 2023-12-22 | N/A | 8.8 HIGH |
| An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmware 5.0.0 and later | |||||
| CVE-2021-31607 | 2 Fedoraproject, Saltstack | 2 Fedora, Salt | 2023-12-21 | 4.6 MEDIUM | 7.8 HIGH |
| In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function (which executes popen unsafely). | |||||
| CVE-2023-48380 | 1 Softnext | 1 Mail Sqr Expert | 2023-12-21 | N/A | 8.0 HIGH |
| Softnext Mail SQR Expert is an email management platform, it has insufficient filtering for a special character within a spcific function. A remote attacker authenticated as a localhost can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service. | |||||
| CVE-2023-48665 | 1 Dell | 3 Powermax Os, Solutions Enabler Virtual Appliance, Unisphere For Powermax Virtual Appliance | 2023-12-19 | N/A | 7.2 HIGH |
| Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system. | |||||
| CVE-2023-48664 | 1 Dell | 3 Powermax Os, Solutions Enabler Virtual Appliance, Unisphere For Powermax Virtual Appliance | 2023-12-19 | N/A | 7.2 HIGH |
| Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system. | |||||
| CVE-2023-48663 | 1 Dell | 3 Powermax Os, Solutions Enabler Virtual Appliance, Unisphere For Powermax Virtual Appliance | 2023-12-19 | N/A | 7.2 HIGH |
| Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system. | |||||
| CVE-2023-48662 | 1 Dell | 3 Powermax Os, Solutions Enabler Virtual Appliance, Unisphere For Powermax Virtual Appliance | 2023-12-19 | N/A | 7.2 HIGH |
| Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system. | |||||
| CVE-2023-44304 | 1 Dell | 2 Dm5500, Dm5500 Firmware | 2023-12-18 | N/A | 8.8 HIGH |
| Dell DM5500 contains a privilege escalation vulnerability in the appliance. A remote attacker with low privileges could potentially exploit this vulnerability to escape the restricted shell and gain root access to the appliance. | |||||
| CVE-2023-44291 | 1 Dell | 2 Powerprotect Data Manager Dm5500, Powerprotect Data Manager Dm5500 Firmware | 2023-12-18 | N/A | 7.2 HIGH |
| Dell DM5500 5.14.0.0 contains an OS command injection vulnerability in the appliance. A remote attacker with high privileges could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker. | |||||
| CVE-2023-48782 | 1 Fortinet | 1 Fortiwlm | 2023-12-15 | N/A | 8.8 HIGH |
| A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters | |||||
| CVE-2023-40716 | 1 Fortinet | 1 Fortitester | 2023-12-15 | N/A | 7.8 HIGH |
| An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the command line interpreter of FortiTester 2.3.0 through 7.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments when running execute restore/backup . | |||||
| CVE-2022-48616 | 1 Huawei | 2 Ar617vw, Ar617vw Firmware | 2023-12-15 | N/A | 7.5 HIGH |
| A Huawei data communication product has a command injection vulnerability. Successful exploitation of this vulnerability may allow attackers to gain higher privileges. | |||||
| CVE-2023-48428 | 1 Siemens | 1 Sinec Ins | 2023-12-14 | N/A | 7.2 HIGH |
| A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected products does not correctly check uploaded certificates. A malicious admin could upload a crafted certificate resulting in a denial-of-service condition or potentially issue commands on system level. | |||||
| CVE-2023-43744 | 1 Zultys | 12 Mx-e, Mx-e Firmware, Mx-se and 9 more | 2023-12-13 | N/A | 7.2 HIGH |
| An OS command injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an administrator to execute arbitrary OS commands via a file name parameter in a patch application function. The Zultys MX Administrator client has a "Patch Manager" section that allows administrators to apply patches to the device. The user supplied filename for the patch file is passed to a shell script without validation. Including bash command substitution characters in a patch file name results in execution of the provided command. | |||||
| CVE-2023-44221 | 1 Sonicwall | 10 Sma 200, Sma 200 Firmware, Sma 210 and 7 more | 2023-12-13 | N/A | 7.2 HIGH |
| Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability. | |||||
| CVE-2023-46157 | 1 Mgt-commerce | 1 Cloudpanel | 2023-12-12 | N/A | 8.8 HIGH |
| File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755. | |||||
| CVE-2023-6357 | 1 Codesys | 11 Control For Beaglebone Sl, Control For Empc-a\/imx6, Control For Iot2000 Sl and 8 more | 2023-12-11 | N/A | 8.8 HIGH |
| A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device. | |||||
| CVE-2023-36922 | 1 Sap | 1 Netweaver | 2023-12-09 | N/A | 8.8 HIGH |
| Due to programming error in function module and report, IS-OIL component in SAP ECC and SAP S/4HANA allows an authenticated attacker to inject an arbitrary operating system command into an unprotected parameter in a common (default) extension. On successful exploitation, the attacker can read or modify the system data as well as shut down the system. | |||||
| CVE-2019-0232 | 2 Apache, Microsoft | 2 Tomcat, Windows | 2023-12-08 | 9.3 HIGH | 8.1 HIGH |
| When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet is disabled by default. The CGI option enableCmdLineArguments is disable by default in Tomcat 9.0.x (and will be disabled by default in all versions in response to this vulnerability). For a detailed explanation of the JRE behaviour, see Markus Wulftange's blog (https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html) and this archived MSDN blog (https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/). | |||||
| CVE-2023-37928 | 1 Zyxel | 4 Nas326, Nas326 Firmware, Nas542 and 1 more | 2023-12-06 | N/A | 8.8 HIGH |
| A post-authentication command injection vulnerability in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device. | |||||
| CVE-2023-37927 | 1 Zyxel | 4 Nas326, Nas326 Firmware, Nas542 and 1 more | 2023-12-06 | N/A | 8.8 HIGH |
| The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device. | |||||
| CVE-2023-6201 | 1 Univera | 1 Panorama | 2023-12-05 | N/A | 8.8 HIGH |
| Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Univera Computer System Panorama allows Command Injection.This issue affects Panorama: before 8.0. | |||||
| CVE-2023-6304 | 1 Tecno-mobile | 2 Tr118, Tr118 Firmware | 2023-12-01 | N/A | 8.0 HIGH |
| A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goform_get_cmd_process of the component Ping Tool. The manipulation of the argument url leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-246130 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2022-25174 | 1 Jenkins | 1 Pipeline\ | 2023-11-30 | 6.5 MEDIUM | 8.8 HIGH |
| Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the same checkout directories for distinct SCMs for Pipeline libraries, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. | |||||
| CVE-2022-25173 | 1 Jenkins | 1 Pipeline\ | 2023-11-30 | 6.5 MEDIUM | 8.8 HIGH |
| Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier uses the same checkout directories for distinct SCMs when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. | |||||