Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2020-03-18 CVE-2019-11689 OS Command Injection vulnerability in Asustor Exfat Driver 1.0.0
An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20.
network
high complexity
asustor CWE-78
8.1
8.1
2020-03-16 CVE-2019-19940 OS Command Injection vulnerability in Swisscom Centro Grande Firmware 6.12.02/6.14.00
Incorrect input sanitation in text-oriented user interfaces (telnet, ssh) in Swisscom Centro Grande before 6.16.12 allows remote authenticated users to execute arbitrary commands via command injection.
network
low complexity
swisscom CWE-78
7.2
7.2
2020-03-15 CVE-2019-15708 OS Command Injection vulnerability in Fortinet products
A system command injection vulnerability in the FortiAP-S/W2 6.2.1, 6.2.0, 6.0.5 and below, FortiAP 6.0.5 and below and FortiAP-U below 6.0.0 under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted ifconfig commands.
local
low complexity
fortinet CWE-78
6.7
6.7
2020-03-15 CVE-2020-7607 OS Command Injection vulnerability in Gulp-Styledocco Project Gulp-Styledocco 0.0.1/0.0.2/0.0.3
gulp-styledocco through 0.0.3 allows execution of arbitrary commands.
network
low complexity
gulp-styledocco-project CWE-78
critical
 9.8
9.8
2020-03-15 CVE-2020-7606 OS Command Injection vulnerability in Docker-Compose-Remote-Api Project Docker-Compose-Remote-Api
docker-compose-remote-api through 0.1.4 allows execution of arbitrary commands.
network
low complexity
docker-compose-remote-api-project CWE-78
critical
 9.8
9.8
2020-03-15 CVE-2020-7605 OS Command Injection vulnerability in Gulp-Tape Project Gulp-Tape
gulp-tape through 1.0.0 allows execution of arbitrary commands.
network
low complexity
gulp-tape-project CWE-78
critical
 9.8
9.8
2020-03-15 CVE-2020-7604 OS Command Injection vulnerability in Pulverizr Project Pulverizr 0.5.0/0.5.1/0.7.0
pulverizr through 0.7.0 allows execution of arbitrary commands.
network
low complexity
pulverizr-project CWE-78
critical
 9.8
9.8
2020-03-15 CVE-2020-7603 OS Command Injection vulnerability in Closure-Compiler-Stream Project Closure-Compiler-Stream
closure-compiler-stream through 0.1.15 allows execution of arbitrary commands.
network
low complexity
closure-compiler-stream-project CWE-78
critical
 9.8
9.8
2020-03-15 CVE-2020-7602 OS Command Injection vulnerability in Node-Prompt-Here Project Node-Prompt-Here 1.0.1
node-prompt-here through 1.0.1 allows execution of arbitrary commands.
network
low complexity
node-prompt-here-project CWE-78
critical
 9.8
9.8
2020-03-15 CVE-2020-7601 OS Command Injection vulnerability in Gulp-Scss-Lint Project Gulp-Scss-Lint
gulp-scss-lint through 1.0.0 allows execution of arbitrary commands.
network
low complexity
gulp-scss-lint-project CWE-78
critical
 9.8
9.8