Vulnerabilities > Argument Injection or Modification

DATE CVE VULNERABILITY TITLE RISK
2020-10-20 CVE-2020-5792 Argument Injection or Modification vulnerability in Nagios XI 5.7.3
Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user.
network
low complexity
nagios CWE-88
7.2
2020-09-22 CVE-2020-14027 Argument Injection or Modification vulnerability in Ozeki NG SMS Gateway
An issue was discovered in Ozeki NG SMS Gateway through 4.17.6.
network
high complexity
ozeki CWE-88
5.3
2020-08-31 CVE-2020-4492 Argument Injection or Modification vulnerability in IBM Spectrum Scale
IBM Spectrum Scale V5.0.0.0 through V5.0.4.3 and V4.2.0.0 through V4.2.3.21 could allow a local attacker to cause a denial of service crashing the kernel by sending a subset of ioctls on the device with invalid arguments.
local
low complexity
ibm CWE-88
5.5
2020-08-14 CVE-2020-15692 Argument Injection or Modification vulnerability in Nim-Lang NIM
In Nim 1.2.4, the standard library browsers mishandles the URL argument to browsers.openDefaultBrowser.
network
low complexity
nim-lang CWE-88
critical
9.8
2020-08-11 CVE-2020-17367 Argument Injection or Modification vulnerability in multiple products
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection.
7.8
2020-07-29 CVE-2020-13699 Argument Injection or Modification vulnerability in Teamviewer
TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers.
network
low complexity
teamviewer CWE-88
8.8
2020-07-16 CVE-2020-3380 Argument Injection or Modification vulnerability in Cisco Data Center Network Manager
A vulnerability in the CLI of Cisco Data Center Network Manager (DCNM) could allow an authenticated, local attacker to elevate privileges to root and execute arbitrary commands on the underlying operating system.
local
low complexity
cisco CWE-88
7.8
2020-07-07 CVE-2020-5599 Argument Injection or Modification vulnerability in Mitsubishielectric Coreos 05.65.00.Bd/Y
TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) contains an improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability, which may allow a remote attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet.
network
low complexity
mitsubishielectric CWE-88
critical
9.8
2020-06-22 CVE-2020-14049 Argument Injection or Modification vulnerability in Rakuten Viber
Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler.
network
low complexity
rakuten CWE-88
7.5
2020-06-18 CVE-2020-14421 Argument Injection or Modification vulnerability in Aapanel
aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via the Script Content box on the Add Cron Job screen.
network
low complexity
aapanel CWE-88
7.2