Vulnerabilities > Argument Injection or Modification
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-20 | CVE-2020-5792 | Argument Injection or Modification vulnerability in Nagios XI 5.7.3 Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user. | 7.2 |
2020-09-22 | CVE-2020-14027 | Argument Injection or Modification vulnerability in Ozeki NG SMS Gateway An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. | 5.3 |
2020-08-31 | CVE-2020-4492 | Argument Injection or Modification vulnerability in IBM Spectrum Scale IBM Spectrum Scale V5.0.0.0 through V5.0.4.3 and V4.2.0.0 through V4.2.3.21 could allow a local attacker to cause a denial of service crashing the kernel by sending a subset of ioctls on the device with invalid arguments. | 5.5 |
2020-08-14 | CVE-2020-15692 | Argument Injection or Modification vulnerability in Nim-Lang NIM In Nim 1.2.4, the standard library browsers mishandles the URL argument to browsers.openDefaultBrowser. | 9.8 |
2020-08-11 | CVE-2020-17367 | Argument Injection or Modification vulnerability in multiple products Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection. | 7.8 |
2020-07-29 | CVE-2020-13699 | Argument Injection or Modification vulnerability in Teamviewer TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. | 8.8 |
2020-07-16 | CVE-2020-3380 | Argument Injection or Modification vulnerability in Cisco Data Center Network Manager A vulnerability in the CLI of Cisco Data Center Network Manager (DCNM) could allow an authenticated, local attacker to elevate privileges to root and execute arbitrary commands on the underlying operating system. | 7.8 |
2020-07-07 | CVE-2020-5599 | Argument Injection or Modification vulnerability in Mitsubishielectric Coreos 05.65.00.Bd/Y TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) contains an improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability, which may allow a remote attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet. | 9.8 |
2020-06-22 | CVE-2020-14049 | Argument Injection or Modification vulnerability in Rakuten Viber Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. | 7.5 |
2020-06-18 | CVE-2020-14421 | Argument Injection or Modification vulnerability in Aapanel aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via the Script Content box on the Add Cron Job screen. | 7.2 |