Vulnerabilities > Argument Injection or Modification
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-18 | CVE-2020-28490 | Argument Injection or Modification vulnerability in Async-Git Project Async-Git The package async-git before 1.13.2 are vulnerable to Command Injection via shell meta-characters (back-ticks). | 7.5 |
2021-02-09 | CVE-2021-26937 | Argument Injection or Modification vulnerability in multiple products encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence. | 9.8 |
2020-12-23 | CVE-2020-35136 | Argument Injection or Modification vulnerability in Dolibarr Erp/Crm 12.0.3 Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution. | 7.2 |
2020-12-18 | CVE-2020-25494 | Argument Injection or Modification vulnerability in Xinuos Openserver 5.0.7/6.0 Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook. | 7.5 |
2020-11-06 | CVE-2020-27129 | Argument Injection or Modification vulnerability in Cisco Sd-Wan Vmanage A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. | 6.7 |
2020-11-06 | CVE-2020-5648 | Argument Injection or Modification vulnerability in Mitsubishielectric Coreos Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS version "05.65.00.BD" and earlier, and GT1450HS-QMBDE CoreOS version "05.65.00.BD" and earlier) allows unauthenticated attackers on adjacent network to stop the network functions of the products via a specially crafted packet. | 6.5 |
2020-11-02 | CVE-2020-5657 | Argument Injection or Modification vulnerability in Mitsubishielectric products Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows unauthenticated attackers on adjacent network to stop the network functions of the products via a specially crafted packet. | 3.3 |
2020-10-27 | CVE-2020-15238 | Argument Injection or Modification vulnerability in multiple products Blueman is a GTK+ Bluetooth Manager. | 7.0 |
2020-10-20 | CVE-2020-5792 | Argument Injection or Modification vulnerability in Nagios XI 5.7.3 Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user. | 6.5 |
2020-09-22 | CVE-2020-14027 | Argument Injection or Modification vulnerability in Ozeki NG SMS Gateway An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. | 3.5 |