Vulnerabilities > Argument Injection or Modification
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-14 | CVE-2022-21187 | Argument Injection or Modification vulnerability in Libvcs Project Libvcs The package libvcs before 0.11.1 are vulnerable to Command Injection via argument injection. | 9.8 |
| 2022-03-11 | CVE-2022-24433 | Argument Injection or Modification vulnerability in Simple-Git Project Simple-Git The package simple-git before 3.3.0 are vulnerable to Command Injection via argument injection. | 9.8 |
| 2022-03-04 | CVE-2022-23915 | Argument Injection or Modification vulnerability in Weblate The package weblate from 0 and before 4.11.1 are vulnerable to Remote Code Execution (RCE) via argument injection when using git or mercurial repositories. | 8.8 |
| 2022-02-17 | CVE-2022-24953 | Argument Injection or Modification vulnerability in Pear Crypt GPG The Crypt_GPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions. | 5.3 |
| 2022-01-19 | CVE-2022-23221 | Argument Injection or Modification vulnerability in multiple products H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392. | 9.8 |
| 2021-12-08 | CVE-2021-43809 | Argument Injection or Modification vulnerability in Bundler `Bundler` is a package for managing application dependencies in Ruby. | 7.3 |
| 2021-12-08 | CVE-2021-37040 | Argument Injection or Modification vulnerability in Huawei Emui, Harmonyos and Magic UI There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting. | 9.8 |
| 2021-09-22 | CVE-2021-38112 | Argument Injection or Modification vulnerability in Amazon AWS Workspaces In the Amazon AWS WorkSpaces client 3.0.10 through 3.1.8 on Windows, argument injection in the workspaces:// URI handler can lead to remote code execution because of the Chromium Embedded Framework (CEF) --gpu-launcher argument. | 8.8 |
| 2021-09-17 | CVE-2021-41316 | Argument Injection or Modification vulnerability in Device42 The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery utility. | 8.1 |
| 2021-09-09 | CVE-2021-34718 | Argument Injection or Modification vulnerability in Cisco IOS XR A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. | 8.1 |