Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-06 | CVE-2021-21527 | OS Command Injection vulnerability in Dell EMC Powerscale Onefs 9.0.0.0/9.1.0.0 Dell PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. | 6.7 |
| 2021-05-06 | CVE-2021-21550 | OS Command Injection vulnerability in Dell EMC Powerscale Onefs Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. | 6.7 |
| 2021-05-06 | CVE-2021-26543 | OS Command Injection vulnerability in Wayfair Git-Parse 1.0.2/1.0.3/1.0.4 The "gitDiff" function in Wayfair git-parse <=1.0.4 has a command injection vulnerability. | 8.8 |
| 2021-05-04 | CVE-2020-21999 | OS Command Injection vulnerability in IWT Facesentry Access Control System Firmware 5.7.0/5.7.2/6.4.8 iWT Ltd FaceSentry Access Control System 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. | 8.8 |
| 2021-05-03 | CVE-2021-29369 | OS Command Injection vulnerability in Gnuplot Project Gnuplot 0.0.1/0.0.2 The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands. | 9.8 |
| 2021-04-30 | CVE-2021-21530 | OS Command Injection vulnerability in Dell Openmanage Enterprise-Modular Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. | 8.8 |
| 2021-04-29 | CVE-2021-1488 | OS Command Injection vulnerability in Cisco products A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject commands that could be executed with root privileges on the underlying operating system (OS). | 6.7 |
| 2021-04-29 | CVE-2021-1448 | OS Command Injection vulnerability in Cisco Firepower Threat Defense A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. | 7.8 |
| 2021-04-29 | CVE-2021-21388 | OS Command Injection vulnerability in Systeminformation systeminformation is an open source system and OS information library for node.js. | 9.8 |
| 2021-04-29 | CVE-2021-30233 | OS Command Injection vulnerability in Chinamobile AN Lianbao Wf-1 Firmware 1.0.1 The api/ZRIptv/setIptvInfo interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the iptv_vlan parameter. | 9.8 |