Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-09 | CVE-2020-10603 | OS Command Injection vulnerability in Advantech Webaccess/Nms 2.0.3 WebAccess/NMS (versions prior to 3.0.2) does not properly sanitize user input and may allow an attacker to inject system commands remotely. | 8.8 |
| 2020-04-07 | CVE-2020-7615 | OS Command Injection vulnerability in FSA Project FSA 0.5.1 fsa through 0.5.1 is vulnerable to Command Injection. | 7.8 |
| 2020-04-07 | CVE-2020-7614 | OS Command Injection vulnerability in Npm-Programmatic Project Npm-Programmatic 0.0.12 npm-programmatic through 0.0.12 is vulnerable to Command Injection.The packages and option properties are concatenated together without any validation and are used by the 'exec' function directly. | 9.8 |
| 2020-04-07 | CVE-2020-7613 | OS Command Injection vulnerability in Clamscan Project Clamscan clamscan through 1.2.0 is vulnerable to Command Injection. | 8.1 |
| 2020-04-06 | CVE-2020-11581 | OS Command Injection vulnerability in Pulsesecure Pulse Connect Secure 7.1/7.4 An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. | 8.1 |
| 2020-04-06 | CVE-2020-7636 | OS Command Injection vulnerability in Adb-Driver Project Adb-Driver adb-driver through 0.1.8 is vulnerable to Command Injection.It allows execution of arbitrary commands via the command function. | 9.8 |
| 2020-04-06 | CVE-2020-7635 | OS Command Injection vulnerability in Compass-Compile Project Compass-Compile 0.0.1 compass-compile through 0.0.1 is vulnerable to Command Injection.It allows execution of arbitrary commands via tha options argument. | 9.8 |
| 2020-04-06 | CVE-2020-7634 | OS Command Injection vulnerability in Heroku-Addonpool Project Heroku-Addonpool heroku-addonpool through 0.1.15 is vulnerable to Command Injection. | 9.8 |
| 2020-04-06 | CVE-2020-7633 | OS Command Injection vulnerability in Apiconnect-Cli-Plugins Project Apiconnect-Cli-Plugins apiconnect-cli-plugins through 6.0.1 is vulnerable to Command Injection.It allows execution of arbitrary commands via the pluginUri argument. | 9.8 |
| 2020-04-06 | CVE-2020-7632 | OS Command Injection vulnerability in Node-Mpv Project Node-Mpv node-mpv through 1.4.3 is vulnerable to Command Injection. | 9.8 |