Vulnerabilities > Argument Injection or Modification

DATE CVE VULNERABILITY TITLE RISK
2019-09-27 CVE-2019-11751 Argument Injection or Modification vulnerability in Mozilla Firefox
Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application.
network
low complexity
mozilla CWE-88
8.8
2019-08-26 CVE-2019-15541 Argument Injection or Modification vulnerability in Rustls Project Rustls
rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service (loop of conn_event and ready) by arranging for a client to never be writable.
network
low complexity
rustls-project CWE-88
7.5
2019-08-23 CVE-2019-10746 Argument Injection or Modification vulnerability in multiple products
mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0.
network
low complexity
mixin-deep-project fedoraproject oracle CWE-88
critical
9.8
2019-08-23 CVE-2019-15498 Argument Injection or Modification vulnerability in Getvera Vera Edge Firmware 1.7.4452
cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via --output argument injection in the username parameter to /cgi-bin/cmh/webcam.sh.
network
low complexity
getvera CWE-88
8.8
2019-08-05 CVE-2019-12264 Argument Injection or Modification vulnerability in multiple products
Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component.
low complexity
windriver belden siemens CWE-88
7.1
2019-07-11 CVE-2019-12578 Argument Injection or Modification vulnerability in Londontrustmedia Private Internet Access VPN Client 82
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux could allow an authenticated, local attacker to run arbitrary code with elevated privileges.
local
low complexity
londontrustmedia CWE-88
7.8
2019-07-09 CVE-2019-13475 Argument Injection or Modification vulnerability in Mobatek Mobaxterm 11.1
In MobaXterm 11.1, the mobaxterm: URI handler has an argument injection vulnerability that allows remote attackers to execute arbitrary commands when the user visits a specially crafted URL.
network
low complexity
mobatek CWE-88
8.8
2019-06-21 CVE-2017-15694 Argument Injection or Modification vulnerability in Apache Geode
When an Apache Geode server versions 1.0.0 to 1.8.0 is operating in secure mode, a user with write permissions for specific data regions can modify internal cluster metadata.
network
low complexity
apache CWE-88
6.5
2019-06-17 CVE-2019-8321 Argument Injection or Modification vulnerability in multiple products
An issue was discovered in RubyGems 2.6 and later through 3.0.2.
network
low complexity
rubygems debian opensuse CWE-88
7.5
2019-06-14 CVE-2019-11582 Argument Injection or Modification vulnerability in Atlassian Sourcetree
An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all versions prior to 3.1.3, allows remote attackers to gain remote code execution through the use of a crafted URI.
network
low complexity
atlassian CWE-88
8.8