Vulnerabilities > Argument Injection or Modification
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-16 | CVE-2023-20224 | Argument Injection or Modification vulnerability in Cisco Thousandeyes Enterprise Agent A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user-supplied CLI arguments. | 7.8 |
| 2023-08-04 | CVE-2023-33376 | Argument Injection or Modification vulnerability in Connectedio Connected IO Connected IO v2.1.0 and prior has an argument injection vulnerability in its iptables command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices. | 9.8 |
| 2023-08-04 | CVE-2023-33378 | Argument Injection or Modification vulnerability in Connectedio Connected IO Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices. | 9.8 |
| 2023-07-26 | CVE-2023-30577 | Argument Injection or Modification vulnerability in Zmanda Amanda AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705. | 7.8 |
| 2023-06-27 | CVE-2023-34395 | Argument Injection or Modification vulnerability in Apache Apache-Airflow-Providers-Odbc Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Apache Software Foundation Apache Airflow ODBC Provider. In OdbcHook, A privilege escalation vulnerability exists in a system due to controllable ODBC driver parameters that allow the loading of arbitrary dynamic-link libraries, resulting in command execution. Starting version 4.0.0 driver can be set only from the hook constructor. This issue affects Apache Airflow ODBC Provider: before 4.0.0. | 7.8 |
| 2023-04-16 | CVE-2022-37705 | Argument Injection or Modification vulnerability in Zmanda Amanda 3.5.1 A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. | 6.7 |
| 2023-04-04 | CVE-2023-25356 | Argument Injection or Modification vulnerability in Coredial Sipxcom CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command. | 8.8 |
| 2023-02-16 | CVE-2022-40677 | Argument Injection or Modification vulnerability in Fortinet Fortinac A improper neutralization of argument delimiters in a command ('argument injection') in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 allows attacker to execute unauthorized code or commands via specially crafted input parameters. | 8.8 |
| 2022-12-22 | CVE-2022-47926 | Argument Injection or Modification vulnerability in Ayacms Project Ayacms 3.1.2 AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php | 9.8 |
| 2022-11-23 | CVE-2022-23740 | Argument Injection or Modification vulnerability in Github Enterprise Server 3.7.0 CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. | 8.8 |