Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-28 | CVE-2021-40412 | OS Command Injection vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An OScommand injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. | 7.2 |
| 2022-01-28 | CVE-2020-28884 | OS Command Injection vulnerability in Liferay Portal 7.2/7.3.5 Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. | 7.2 |
| 2022-01-28 | CVE-2020-28885 | OS Command Injection vulnerability in Liferay Portal 7.2/7.3.5 Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. | 7.2 |
| 2022-01-25 | CVE-2021-36295 | OS Command Injection vulnerability in Dell EMC Unity Operating Environment Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. | 7.2 |
| 2022-01-25 | CVE-2021-36296 | OS Command Injection vulnerability in Dell EMC Unity Operating Environment Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. | 7.2 |
| 2022-01-25 | CVE-2021-45844 | OS Command Injection vulnerability in multiple products Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename. | 7.8 |
| 2022-01-25 | CVE-2021-45845 | OS Command Injection vulnerability in multiple products The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document. | 7.8 |
| 2022-01-25 | CVE-2022-23935 | OS Command Injection vulnerability in Exiftool Project Exiftool lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check, leading to command injection. | 7.8 |
| 2022-01-24 | CVE-2021-43589 | OS Command Injection vulnerability in Dell products Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system (OS) command injection Vulnerability. | 6.7 |
| 2022-01-24 | CVE-2021-44981 | OS Command Injection vulnerability in Quickbox In QuickBox Pro v2.5.8 and below, the config.php file has a variable which takes a GET parameter value and parses it into a shell_exec(''); function without properly sanitizing any shell arguments, therefore remote code execution is possible. | 8.8 |