Vulnerabilities > Argument Injection or Modification

DATE CVE VULNERABILITY TITLE RISK
2021-02-22 CVE-2020-21224 Argument Injection or Modification vulnerability in Inspur Clusterengine 4.0
A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0.
network
low complexity
inspur CWE-88
critical
9.8
2021-02-09 CVE-2021-26937 Argument Injection or Modification vulnerability in multiple products
encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence.
network
low complexity
gnu debian fedoraproject CWE-88
critical
9.8
2021-02-04 CVE-2021-3401 Argument Injection or Modification vulnerability in Bitcoin
Bitcoin Core before 0.19.0 might allow remote attackers to execute arbitrary code when another application unsafely passes the -platformpluginpath argument to the bitcoin-qt program, as demonstrated by an x-scheme-handler/bitcoin handler for a .desktop file or a web browser.
network
low complexity
bitcoin CWE-88
critical
9.8
2020-12-23 CVE-2020-35136 Argument Injection or Modification vulnerability in Dolibarr Erp/Crm 12.0.3
Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution.
network
low complexity
dolibarr CWE-88
7.2
2020-11-12 CVE-2020-7769 Argument Injection or Modification vulnerability in Nodemailer
This affects the package nodemailer before 6.4.16.
network
low complexity
nodemailer CWE-88
critical
9.8
2020-11-10 CVE-2020-25268 Argument Injection or Modification vulnerability in Ilias 6.4.0
Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data.
network
low complexity
ilias CWE-88
8.8
2020-11-06 CVE-2020-27129 Argument Injection or Modification vulnerability in Cisco Sd-Wan Vmanage
A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges.
local
low complexity
cisco CWE-88
6.7
2020-11-06 CVE-2020-5648 Argument Injection or Modification vulnerability in Mitsubishielectric Coreos 05.65.00.Bd
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS version "05.65.00.BD" and earlier, and GT1450HS-QMBDE CoreOS version "05.65.00.BD" and earlier) allows unauthenticated attackers on adjacent network to stop the network functions of the products via a specially crafted packet.
network
low complexity
mitsubishielectric CWE-88
critical
9.8
2020-11-02 CVE-2020-5657 Argument Injection or Modification vulnerability in Mitsubishielectric products
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows unauthenticated attackers on adjacent network to stop the network functions of the products via a specially crafted packet.
low complexity
mitsubishielectric CWE-88
6.5
2020-10-27 CVE-2020-15238 Argument Injection or Modification vulnerability in multiple products
Blueman is a GTK+ Bluetooth Manager.
local
high complexity
blueman-project debian fedoraproject CWE-88
7.0