Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-11 | CVE-2021-21976 | OS Command Injection vulnerability in VMWare Vsphere Replication vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6.5.x prior to 6.5.1.5 contain a post-authentication command injection vulnerability which may allow an authenticated admin user to perform a remote code execution. | 7.2 |
| 2021-02-09 | CVE-2020-26193 | OS Command Injection vulnerability in Dell EMC Powerscale Onefs Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. | 7.8 |
| 2021-02-08 | CVE-2021-22502 | OS Command Injection vulnerability in Microfocus Operation Bridge Reporter 10.40 Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. | 9.8 |
| 2021-02-08 | CVE-2021-26541 | OS Command Injection vulnerability in Gitlog Project Gitlog The gitlog function in src/index.ts in gitlog before 4.0.4 has a command injection vulnerability. | 9.8 |
| 2021-02-08 | CVE-2020-11920 | OS Command Injection vulnerability in Svakom Siime EYE Firmware 14.1.00000001.3.330.0.0.3.14 An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. | 9.8 |
| 2021-02-07 | CVE-2021-3122 | OS Command Injection vulnerability in NCR Command Center Agent 16.3 CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a runCommand parameter (within an XML document sent to port 8089) that enables the remote, unauthenticated execution of an arbitrary command as SYSTEM, as exploited in the wild in 2020 and/or 2021. | 9.8 |
| 2021-02-07 | CVE-2020-36243 | OS Command Injection vulnerability in Open-Emr Openemr 5.0.2.1 The Patient Portal of OpenEMR 5.0.2.1 is affected by a Command Injection vulnerability in /interface/main/backup.php. | 8.8 |
| 2021-02-04 | CVE-2021-1318 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. | 7.2 |
| 2021-02-04 | CVE-2021-1317 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. | 7.2 |
| 2021-02-04 | CVE-2021-1316 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. | 7.2 |