Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-02 | CVE-2020-7620 | OS Command Injection vulnerability in Netease Pomelo-Monitor 0.3.5/0.3.6/0.3.7 pomelo-monitor through 0.3.7 is vulnerable to Command Injection.It allows injection of arbitrary commands as part of 'pomelo-monitor' params. | 9.8 |
| 2020-04-02 | CVE-2020-7619 | OS Command Injection vulnerability in Get-Git-Data Project Get-Git-Data get-git-data through 1.3.1 is vulnerable to Command Injection. | 9.8 |
| 2020-04-02 | CVE-2020-11490 | OS Command Injection vulnerability in Zevenet ZEN Load Balancer 3.10.1 Manage::Certificates in Zen Load Balancer 3.10.1 allows remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the index.cgi cert_issuer, cert_division, cert_organization, cert_locality, cert_state, cert_country, or cert_email parameter. | 7.2 |
| 2020-03-31 | CVE-2020-4242 | OS Command Injection vulnerability in IBM Spectrum Protect Plus and Spectrum Scale IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 8.8 |
| 2020-03-31 | CVE-2020-4241 | OS Command Injection vulnerability in IBM Spectrum Protect Plus and Spectrum Scale IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 8.8 |
| 2020-03-31 | CVE-2020-4206 | OS Command Injection vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to execute arbitrary commands on the system in the context of root user, caused by improper validation of user-supplied input. | 8.8 |
| 2020-03-30 | CVE-2019-19606 | OS Command Injection vulnerability in X-Plane X-Plane before 11.41 has multiple improper path validations that could allow reading and writing files from/to arbitrary paths (or a leak of OS credentials to a remote system) via crafted network packets. | 9.8 |
| 2020-03-25 | CVE-2020-10886 | OS Command Injection vulnerability in Tp-Link Ac1750 Firmware 190726 This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. | 9.8 |
| 2020-03-25 | CVE-2020-10882 | OS Command Injection vulnerability in Tp-Link Ac1750 Firmware 190726 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. | 8.8 |
| 2020-03-25 | CVE-2020-5282 | OS Command Injection vulnerability in Nick Chan BOT Project Nick Chan BOT 1.0.0 In Nick Chan Bot before version 1.0.0-beta there is a vulnerability in the `npm` command which is part of this software package. | 9.8 |