Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-31 | CVE-2020-36377 | OS Command Injection vulnerability in Aaptjs Project Aaptjs 1.3.1 An issue was discovered in the dump function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters. | 9.8 |
| 2021-10-31 | CVE-2020-36378 | OS Command Injection vulnerability in Aaptjs Project Aaptjs 1.3.1 An issue was discovered in the packageCmd function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters. | 9.8 |
| 2021-10-31 | CVE-2020-36379 | OS Command Injection vulnerability in Aaptjs Project Aaptjs 1.3.1 An issue was discovered in the remove function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters. | 9.8 |
| 2021-10-31 | CVE-2020-36380 | OS Command Injection vulnerability in Aaptjs Project Aaptjs 1.3.1 An issue was discovered in the crunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters. | 9.8 |
| 2021-10-31 | CVE-2020-36381 | OS Command Injection vulnerability in Aaptjs Project Aaptjs 1.3.1 An issue was discovered in the singleCrunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters. | 9.8 |
| 2021-10-27 | CVE-2021-34755 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. | 7.8 |
| 2021-10-27 | CVE-2021-34756 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. | 7.8 |
| 2021-10-26 | CVE-2011-2195 | OS Command Injection vulnerability in Websvn 2.3.2 A flaw was found in WebSVN 2.3.2. | 9.8 |
| 2021-10-26 | CVE-2021-20837 | OS Command Injection vulnerability in Sixapart Movable Type Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Type 6.8.2 and earlier (Movable Type 6 Series), Movable Type Advanced 7 r.5002 and earlier (Movable Type Advanced 7 Series), Movable Type Advanced 6.8.2 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.46 and earlier, and Movable Type Premium Advanced 1.46 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors. | 9.8 |
| 2021-10-25 | CVE-2021-38294 | OS Command Injection vulnerability in Apache Storm A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. | 9.8 |