Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-25 | CVE-2021-36296 | OS Command Injection vulnerability in Dell EMC Unity Operating Environment Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. | 7.2 |
| 2022-01-25 | CVE-2021-45844 | OS Command Injection vulnerability in multiple products Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename. | 7.8 |
| 2022-01-25 | CVE-2021-45845 | OS Command Injection vulnerability in multiple products The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document. | 7.8 |
| 2022-01-25 | CVE-2022-23935 | OS Command Injection vulnerability in Exiftool Project Exiftool lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check, leading to command injection. | 7.8 |
| 2022-01-24 | CVE-2021-43589 | OS Command Injection vulnerability in Dell products Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system (OS) command injection Vulnerability. | 6.7 |
| 2022-01-24 | CVE-2021-44981 | OS Command Injection vulnerability in Quickbox In QuickBox Pro v2.5.8 and below, the config.php file has a variable which takes a GET parameter value and parses it into a shell_exec(''); function without properly sanitizing any shell arguments, therefore remote code execution is possible. | 8.8 |
| 2022-01-19 | CVE-2021-31854 | OS Command Injection vulnerability in Mcafee Agent A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. | 7.8 |
| 2022-01-17 | CVE-2021-38965 | OS Command Injection vulnerability in IBM Filenet Content Manager 5.5.4/5.5.6/5.5.7 IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |
| 2022-01-15 | CVE-2021-33827 | OS Command Injection vulnerability in Owncloud Files Antivirus The files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings. | 7.2 |
| 2022-01-14 | CVE-2021-33962 | OS Command Injection vulnerability in Chinamobileltd AN Lianbao WF Firmware-1 1.0.1 China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS command injection vulnerability in the web interface /api/ZRUsb/pop_usb_device component. | 9.8 |