Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-21 | CVE-2020-26284 | OS Command Injection vulnerability in Gohugo Hugo Hugo is a fast and Flexible Static Site Generator built in Go. | 8.5 |
| 2020-12-21 | CVE-2020-35606 | OS Command Injection vulnerability in Webmin Arbitrary command execution can occur in Webmin through 1.962. | 8.8 |
| 2020-12-18 | CVE-2020-25494 | OS Command Injection vulnerability in Xinuos Openserver 5.0.7/6.0 Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook. | 9.8 |
| 2020-12-17 | CVE-2020-12522 | OS Command Injection vulnerability in Wago products The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10. | 9.8 |
| 2020-12-17 | CVE-2020-8466 | OS Command Injection vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hashing method enabled, could allow an unauthenticated attacker to execute certain commands by providing a manipulated password. | 9.8 |
| 2020-12-17 | CVE-2020-25094 | OS Command Injection vulnerability in Logrhythm Platform Manager 7.4.9 LogRhythm Platform Manager 7.4.9 allows Command Injection. | 9.8 |
| 2020-12-16 | CVE-2020-26274 | OS Command Injection vulnerability in Systeminformation In systeminformation (npm package) before version 4.31.1 there is a command injection vulnerability. | 8.8 |
| 2020-12-16 | CVE-2019-14479 | OS Command Injection vulnerability in Adremsoft Netcrunch 10.6.0.4587 AdRem NetCrunch 10.6.0.4587 allows Remote Code Execution. | 8.8 |
| 2020-12-16 | CVE-2020-25618 | OS Command Injection vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. | 8.8 |
| 2020-12-16 | CVE-2020-35476 | OS Command Injection vulnerability in Opentsdb A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter. | 9.8 |