Vulnerabilities > Argument Injection or Modification
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-27 | CVE-2019-11751 | Argument Injection or Modification vulnerability in Mozilla Firefox Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. | 8.8 |
2019-08-26 | CVE-2019-15541 | Argument Injection or Modification vulnerability in Rustls Project Rustls rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service (loop of conn_event and ready) by arranging for a client to never be writable. | 7.5 |
2019-08-23 | CVE-2019-10746 | Argument Injection or Modification vulnerability in multiple products mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. | 9.8 |
2019-08-23 | CVE-2019-15498 | Argument Injection or Modification vulnerability in Getvera Vera Edge Firmware 1.7.4452 cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via --output argument injection in the username parameter to /cgi-bin/cmh/webcam.sh. | 8.8 |
2019-08-05 | CVE-2019-12264 | Argument Injection or Modification vulnerability in multiple products Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component. | 7.1 |
2019-07-11 | CVE-2019-12578 | Argument Injection or Modification vulnerability in Londontrustmedia Private Internet Access VPN Client 82 A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux could allow an authenticated, local attacker to run arbitrary code with elevated privileges. | 7.8 |
2019-07-09 | CVE-2019-13475 | Argument Injection or Modification vulnerability in Mobatek Mobaxterm 11.1 In MobaXterm 11.1, the mobaxterm: URI handler has an argument injection vulnerability that allows remote attackers to execute arbitrary commands when the user visits a specially crafted URL. | 8.8 |
2019-06-21 | CVE-2017-15694 | Argument Injection or Modification vulnerability in Apache Geode When an Apache Geode server versions 1.0.0 to 1.8.0 is operating in secure mode, a user with write permissions for specific data regions can modify internal cluster metadata. | 6.5 |
2019-06-17 | CVE-2019-8321 | Argument Injection or Modification vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. | 7.5 |
2019-06-14 | CVE-2019-11582 | Argument Injection or Modification vulnerability in Atlassian Sourcetree An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all versions prior to 3.1.3, allows remote attackers to gain remote code execution through the use of a crafted URI. | 8.8 |