Vulnerabilities > Argument Injection or Modification
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-26 | CVE-2023-30577 | Argument Injection or Modification vulnerability in Zmanda Amanda AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705. | 7.8 |
| 2023-06-27 | CVE-2023-34395 | Argument Injection or Modification vulnerability in Apache Apache-Airflow-Providers-Odbc Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Apache Software Foundation Apache Airflow ODBC Provider. In OdbcHook, A privilege escalation vulnerability exists in a system due to controllable ODBC driver parameters that allow the loading of arbitrary dynamic-link libraries, resulting in command execution. Starting version 4.0.0 driver can be set only from the hook constructor. This issue affects Apache Airflow ODBC Provider: before 4.0.0. | 7.8 |
| 2023-04-16 | CVE-2022-37705 | Argument Injection or Modification vulnerability in Zmanda Amanda 3.5.1 A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. | 6.7 |
| 2023-04-04 | CVE-2023-25356 | Argument Injection or Modification vulnerability in Coredial Sipxcom CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command. | 8.8 |
| 2023-02-16 | CVE-2022-40677 | Argument Injection or Modification vulnerability in Fortinet Fortinac A improper neutralization of argument delimiters in a command ('argument injection') in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 allows attacker to execute unauthorized code or commands via specially crafted input parameters. | 8.8 |
| 2022-12-22 | CVE-2022-47926 | Argument Injection or Modification vulnerability in Ayacms Project Ayacms 3.1.2 AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php | 9.8 |
| 2022-11-23 | CVE-2022-23740 | Argument Injection or Modification vulnerability in Github Enterprise Server 3.7.0 CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. | 8.8 |
| 2022-11-09 | CVE-2022-45062 | Argument Injection or Modification vulnerability in multiple products In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper. | 9.8 |
| 2022-10-24 | CVE-2021-46850 | Argument Injection or Modification vulnerability in Vestacp Control Panel and Vesta Control Panel myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable to command injection. | 7.2 |
| 2022-10-16 | CVE-2022-42968 | Argument Injection or Modification vulnerability in Gitea Gitea before 1.17.3 does not sanitize and escape refs in the git backend. | 9.8 |