Vulnerabilities > Argument Injection or Modification
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-21 | CVE-2019-18888 | Argument Injection or Modification vulnerability in multiple products An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. | 7.5 |
| 2019-10-24 | CVE-2019-5013 | Argument Injection or Modification vulnerability in Wacom Driver 6.3.323 An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the start/stopLaunchDProcess command. | 7.8 |
| 2019-10-24 | CVE-2019-5012 | Argument Injection or Modification vulnerability in Wacom Driver 6.3.323 An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the startProcess command. | 7.8 |
| 2019-10-22 | CVE-2019-12148 | Argument Injection or Modification vulnerability in Sangoma Session Border Controller Firmware 2.3.23119Ga The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to an authentication bypass via an argument injection vulnerability involving special characters in the username field. | 9.8 |
| 2019-10-22 | CVE-2019-12147 | Argument Injection or Modification vulnerability in Sangoma Session Border Controller Firmware 2.3.23119Ga The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to Argument Injection via special characters in the username field. | 9.8 |
| 2019-09-27 | CVE-2019-11751 | Argument Injection or Modification vulnerability in Mozilla Firefox Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. | 8.8 |
| 2019-08-26 | CVE-2019-15541 | Argument Injection or Modification vulnerability in Rustls Project Rustls rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service (loop of conn_event and ready) by arranging for a client to never be writable. | 7.5 |
| 2019-08-23 | CVE-2019-10746 | Argument Injection or Modification vulnerability in multiple products mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. | 9.8 |
| 2019-08-23 | CVE-2019-15498 | Argument Injection or Modification vulnerability in Getvera Vera Edge Firmware 1.7.4452 cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via --output argument injection in the username parameter to /cgi-bin/cmh/webcam.sh. | 8.8 |
| 2019-08-05 | CVE-2019-12264 | Argument Injection or Modification vulnerability in multiple products Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component. | 7.1 |