Vulnerabilities > Argument Injection or Modification
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-22 | CVE-2021-38112 | Argument Injection or Modification vulnerability in Amazon AWS Workspaces In the Amazon AWS WorkSpaces client 3.0.10 through 3.1.8 on Windows, argument injection in the workspaces:// URI handler can lead to remote code execution because of the Chromium Embedded Framework (CEF) --gpu-launcher argument. | 8.8 |
| 2021-09-17 | CVE-2021-41316 | Argument Injection or Modification vulnerability in Device42 The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery utility. | 8.1 |
| 2021-09-09 | CVE-2021-34718 | Argument Injection or Modification vulnerability in Cisco IOS XR A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. | 8.1 |
| 2021-08-13 | CVE-2021-21814 | Argument Injection or Modification vulnerability in ATT Xmill 0.7 Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. | 7.8 |
| 2021-08-11 | CVE-2021-3045 | Argument Injection or Modification vulnerability in Paloaltonetworks Pan-Os An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system. | 4.9 |
| 2021-07-22 | CVE-2021-3540 | Argument Injection or Modification vulnerability in Ivanti Mobileiron 10.7.0.19/11.0.0.0 By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. | 7.2 |
| 2021-07-21 | CVE-2021-34816 | Argument Injection or Modification vulnerability in Etherpad 1.8.13 An Argument Injection issue in the plugin management of Etherpad 1.8.13 allows privileged users to execute arbitrary code on the server by installing plugins from an attacker-controlled source. | 7.2 |
| 2021-07-13 | CVE-2021-36122 | Argument Injection or Modification vulnerability in Echobh Sharecare 8.15.5 An issue was discovered in Echo ShareCare 8.15.5. | 8.8 |
| 2021-06-11 | CVE-2021-3256 | Argument Injection or Modification vulnerability in Kuaifan Kuaifancms 5.0 KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the html_url parameter of the chakanhtml.module.php file. | 6.5 |
| 2021-05-29 | CVE-2021-33564 | Argument Injection or Modification vulnerability in Dragonfly Project Dragonfly An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. | 9.8 |