Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-25 | CVE-2021-1584 | OS Command Injection vulnerability in Cisco Nx-Os 14.2(7F) A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |
| 2021-08-25 | CVE-2021-39159 | OS Command Injection vulnerability in Jupyter Binderhub BinderHub is a kubernetes-based cloud service that allows users to share reproducible interactive computing environments from code repositories. | 9.8 |
| 2021-08-25 | CVE-2021-39160 | OS Command Injection vulnerability in Jupyterhub Nbgitpuller 0.10.0/0.10.1/0.9.0 nbgitpuller is a Jupyter server extension to sync a git repository one-way to a local path. | 8.8 |
| 2021-08-24 | CVE-2021-38306 | OS Command Injection vulnerability in LG N1T1 Firmware Network Attached Storage on LG N1T1*** 10124 devices allows an unauthenticated attacker to gain root access via OS command injection in the en/ajp/plugins/access.ssh/checkInstall.php destServer parameter. | 9.8 |
| 2021-08-24 | CVE-2021-33191 | OS Command Injection vulnerability in Apache Nifi Minifi C++ 0.5.0/0.6.0/0.9.0 From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol implements an "agent-update" command which was designed to patch the application binary. | 9.8 |
| 2021-08-23 | CVE-2021-39244 | OS Command Injection vulnerability in Altus products Authenticated Semi-Blind Command Injection (via Parameter Injection) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via the getlogs.cgi tcpdump feature. | 8.8 |
| 2021-08-18 | CVE-2020-22345 | OS Command Injection vulnerability in Centreon 19.10.8 /graphStatus/displayServiceStatus.php in Centreon 19.10.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the RRDdatabase_path parameter. | 8.8 |
| 2021-08-17 | CVE-2021-3459 | OS Command Injection vulnerability in Motorola Mm1000 Firmware A privilege escalation vulnerability was reported in the MM1000 device configuration web server, which could allow privileged shell access and/or arbitrary privileged commands to be executed on the adapter. | 6.8 |
| 2021-08-16 | CVE-2021-21599 | OS Command Injection vulnerability in Dell EMC Powerscale Onefs Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability. | 6.7 |
| 2021-08-16 | CVE-2021-32826 | OS Command Injection vulnerability in Proxyee-Down Project Proxyee-Down Proxyee-Down is open source proxy software. | 8.1 |