Vulnerabilities > Argument Injection or Modification
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-19 | CVE-2022-23221 | Argument Injection or Modification vulnerability in multiple products H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392. | 9.8 |
| 2021-12-08 | CVE-2021-43809 | Argument Injection or Modification vulnerability in Bundler `Bundler` is a package for managing application dependencies in Ruby. | 7.3 |
| 2021-12-08 | CVE-2021-37040 | Argument Injection or Modification vulnerability in Huawei Emui, Harmonyos and Magic UI There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting. | 9.8 |
| 2021-09-22 | CVE-2021-38112 | Argument Injection or Modification vulnerability in Amazon AWS Workspaces In the Amazon AWS WorkSpaces client 3.0.10 through 3.1.8 on Windows, argument injection in the workspaces:// URI handler can lead to remote code execution because of the Chromium Embedded Framework (CEF) --gpu-launcher argument. | 8.8 |
| 2021-09-17 | CVE-2021-41316 | Argument Injection or Modification vulnerability in Device42 The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery utility. | 8.1 |
| 2021-09-09 | CVE-2021-34718 | Argument Injection or Modification vulnerability in Cisco IOS XR A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. | 8.1 |
| 2021-08-13 | CVE-2021-21814 | Argument Injection or Modification vulnerability in ATT Xmill 0.7 Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. | 7.8 |
| 2021-08-11 | CVE-2021-3045 | Argument Injection or Modification vulnerability in Paloaltonetworks Pan-Os An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system. | 4.9 |
| 2021-07-22 | CVE-2021-3540 | Argument Injection or Modification vulnerability in Ivanti Mobileiron 10.7.0.19/11.0.0.0 By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. | 7.2 |
| 2021-07-21 | CVE-2021-34816 | Argument Injection or Modification vulnerability in Etherpad 1.8.13 An Argument Injection issue in the plugin management of Etherpad 1.8.13 allows privileged users to execute arbitrary code on the server by installing plugins from an attacker-controlled source. | 7.2 |