Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-15 | CVE-2021-23356 | OS Command Injection vulnerability in Kill-Process-By-Name Project Kill-Process-By-Name This affects all versions of package kill-process-by-name. | 9.8 |
| 2021-03-15 | CVE-2021-23355 | OS Command Injection vulnerability in Ps-Kill Project Ps-Kill This affects all versions of package ps-kill. | 9.8 |
| 2021-03-13 | CVE-2021-20017 | OS Command Injection vulnerability in Sonicwall Sma100 Firmware 10.2.0.0/10.2.0.220Sv/10.2.0.5 A post-authenticated command injection vulnerability in SonicWall SMA100 allows an authenticated attacker to execute OS commands as a 'nobody' user. | 8.8 |
| 2021-03-11 | CVE-2021-28143 | OS Command Injection vulnerability in Dlink Dir-841 Firmware 3.03/3.04 /jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated command injection via ping, ping6, or traceroute (under System Tools). | 8.0 |
| 2021-03-11 | CVE-2021-28144 | OS Command Injection vulnerability in Dlink Dir-3060 Firmware prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely. | 8.8 |
| 2021-03-11 | CVE-2021-28132 | OS Command Injection vulnerability in Lucysecurity Security Awareness LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution because the Migration Tool (in the Support section) allows upload of .php files within a system.tar.gz file. | 9.8 |
| 2021-03-09 | CVE-2021-24033 | OS Command Injection vulnerability in Facebook React-Dev-Utils react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be executed. | 5.6 |
| 2021-03-08 | CVE-2021-21503 | OS Command Injection vulnerability in Dell EMC Powerscale Onefs 8.1.2/8.2.2/9.1.0 PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command. | 7.8 |
| 2021-03-08 | CVE-2020-27575 | OS Command Injection vulnerability in Maxum Rumpus 8.2.13/8.2.14 Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. | 8.8 |
| 2021-03-05 | CVE-2021-26970 | OS Command Injection vulnerability in Arubanetworks Airwave A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 6.3 |