Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2024-02-20 | CVE-2024-1297 | OS Command Injection vulnerability in Loomio 2.22.0 | Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to OS Command Injection. | network, low complexity, loomio CWE-78, critical, 9.8 |
| 2024-02-19 | CVE-2023-6260 | OS Command Injection vulnerability in Brivo Acs100 Firmware and Acs300 Firmware | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security. This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3. | low complexity, brivo CWE-78, 8.8 |
| 2024-02-19 | CVE-2024-25626 | OS Command Injection vulnerability in Linuxfoundation Yocto | Yocto Project is an open source collaboration project that helps developers create custom Linux-based systems regardless of the hardware architecture. | network, low complexity, linuxfoundation CWE-78, critical, 9.8 |
| 2024-02-17 | CVE-2024-25468 | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 | An issue in TOTOLINK X5000R V.9.1.0u.6369_B20230113 allows a remote attacker to cause a denial of service via the host_time parameter of the NTPSyncWithHost component. | network, low complexity, totolink CWE-78, 7.5 |
| 2024-02-16 | CVE-2024-22426 | OS Command Injection vulnerability in Dell Recoverpoint for Virtual Machines 5.3/6.0 | Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains an OS Command injection vulnerability. | network, low complexity, dell CWE-78, critical, 9.8 |
| 2024-02-15 | CVE-2023-32462 | OS Command Injection vulnerability in Dell Smartfabric Os10 | Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection vulnerability when using remote user authentication. | network, low complexity, dell CWE-78, critical, 9.8 |
| 2024-02-14 | CVE-2024-1367 | OS Command Injection vulnerability in Tenable Security Center 6.3.0 | A command injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Logging parameters, which could lead to the execution of arbitrary code on the Security Center host. | network, low complexity, tenable CWE-78, 7.2 |
| 2024-02-14 | CVE-2024-21782 | OS Command Injection vulnerability in F5 products | BIG-IP or BIG-IQ Resource Administrators and Certificate Managers who have access to the secure copy (scp) utility but do not have access to Advanced shell (bash) can execute arbitrary commands with a specially crafted command string. | local, low complexity, f5 CWE-78, 6.7 |
| 2024-02-12 | CVE-2024-0164 | OS Command Injection vulnerability in Dell Unity Operating Environment | Dell Unity, versions prior to 5.4, contain an OS Command Injection Vulnerability in its svc_topstats utility. | local, low complexity, dell CWE-78, 7.8 |
| 2024-02-12 | CVE-2024-0165 | OS Command Injection vulnerability in Dell Unity Operating Environment | Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_acldb_dump utility. | local, low complexity, dell CWE-78, 7.8 |