Vulnerabilities > Argument Injection or Modification
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-09 | CVE-2021-26937 | Argument Injection or Modification vulnerability in multiple products encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence. | 9.8 |
| 2021-02-04 | CVE-2021-3401 | Argument Injection or Modification vulnerability in Bitcoin Bitcoin Core before 0.19.0 might allow remote attackers to execute arbitrary code when another application unsafely passes the -platformpluginpath argument to the bitcoin-qt program, as demonstrated by an x-scheme-handler/bitcoin handler for a .desktop file or a web browser. | 9.8 |
| 2020-12-23 | CVE-2020-35136 | Argument Injection or Modification vulnerability in Dolibarr Erp/Crm 12.0.3 Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution. | 7.2 |
| 2020-11-12 | CVE-2020-7769 | Argument Injection or Modification vulnerability in Nodemailer This affects the package nodemailer before 6.4.16. | 9.8 |
| 2020-11-10 | CVE-2020-25268 | Argument Injection or Modification vulnerability in Ilias 6.4.0 Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data. | 8.8 |
| 2020-11-06 | CVE-2020-27129 | Argument Injection or Modification vulnerability in Cisco Sd-Wan Vmanage A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. | 6.7 |
| 2020-11-06 | CVE-2020-5648 | Argument Injection or Modification vulnerability in Mitsubishielectric Coreos 05.65.00.Bd Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS version "05.65.00.BD" and earlier, and GT1450HS-QMBDE CoreOS version "05.65.00.BD" and earlier) allows unauthenticated attackers on adjacent network to stop the network functions of the products via a specially crafted packet. | 9.8 |
| 2020-11-02 | CVE-2020-5657 | Argument Injection or Modification vulnerability in Mitsubishielectric products Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows unauthenticated attackers on adjacent network to stop the network functions of the products via a specially crafted packet. | 6.5 |
| 2020-10-27 | CVE-2020-15238 | Argument Injection or Modification vulnerability in multiple products Blueman is a GTK+ Bluetooth Manager. | 7.0 |
| 2020-10-20 | CVE-2020-5792 | Argument Injection or Modification vulnerability in Nagios XI 5.7.3 Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user. | 7.2 |