Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-02-12 CVE-2024-22225 OS Command Injection vulnerability in Dell Unity Operating Environment
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_supportassist utility.
local
low complexity
dell CWE-78
7.8
2024-02-12 CVE-2024-22227 OS Command Injection vulnerability in Dell Unity Operating Environment
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_dc utility.
local
low complexity
dell CWE-78
7.8
2024-02-12 CVE-2024-22228 OS Command Injection vulnerability in Dell Unity Operating Environment
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cifssupport utility.
local
low complexity
dell CWE-78
7.8
2024-02-08 CVE-2024-22836 OS Command Injection vulnerability in Akaunting
An OS command injection vulnerability exists in Akaunting v3.1.3 and earlier.
network
low complexity
akaunting CWE-78
critical
9.8
2024-02-08 CVE-2024-24091 OS Command Injection vulnerability in Yealink Meeting Server
Yealink Meeting Server before v26.0.0.66 was discovered to contain an OS command injection vulnerability via the file upload interface.
network
low complexity
yealink CWE-78
critical
9.8
2024-02-06 CVE-2023-46359 OS Command Injection vulnerability in Hardy-Barth Cph2 Echarge Firmware
An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature.
network
low complexity
hardy-barth CWE-78
critical
9.8
2024-02-05 CVE-2024-23109 OS Command Injection vulnerability in Fortinet Fortisiem
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests.
network
low complexity
fortinet CWE-78
critical
9.8
2024-02-02 CVE-2023-41281 OS Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud
An OS command injection vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-78
7.2
2024-02-02 CVE-2023-41282 OS Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud
An OS command injection vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-78
7.2
2024-02-01 CVE-2023-6078 OS Command Injection vulnerability in 3DS Biovia Materials Studio 2021/2023
An OS Command Injection vulnerability exists in BIOVIA Materials Studio products from Release BIOVIA 2021 through Release BIOVIA 2023.
network
low complexity
3ds CWE-78
critical
9.8