Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-04 | CVE-2019-10788 | OS Command Injection vulnerability in DNT Im-Metadata im-metadata through 3.0.1 allows remote attackers to execute arbitrary commands via the "exec" argument. | 9.8 |
| 2020-02-04 | CVE-2019-10787 | OS Command Injection vulnerability in DNT Im-Resize im-resize through 2.3.2 allows remote attackers to execute arbitrary commands via the "exec" argument. | 9.8 |
| 2020-02-04 | CVE-2019-10786 | OS Command Injection vulnerability in Network-Manager Project Network-Manager 1.0.0/1.0.1/1.0.2 network-manager through 1.0.2 allows remote attackers to execute arbitrary commands via the "execSync()" argument. | 9.8 |
| 2020-02-04 | CVE-2015-3611 | OS Command Injection vulnerability in Fortinet Fortimanager A Command Injection vulnerability exists in FortiManager 5.2.1 and earlier and FortiManager 5.0.10 and earlier via unspecified vectors, which could let a malicious user run systems commands when executing a report. | 8.8 |
| 2020-02-01 | CVE-2020-8515 | OS Command Injection vulnerability in Draytek products DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. | 9.8 |
| 2020-01-31 | CVE-2013-3322 | OS Command Injection vulnerability in Netapp Oncommand System Manager 2.0.2/2.1 NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to inject arbitrary commands in the Halt/Reboot interface. | 7.2 |
| 2020-01-30 | CVE-2020-1931 | OS Command Injection vulnerability in Apache Spamassassin A command execution issue was found in Apache SpamAssassin prior to 3.4.3. | 8.1 |
| 2020-01-30 | CVE-2020-1930 | OS Command Injection vulnerability in Apache Spamassassin A command execution issue was found in Apache SpamAssassin prior to 3.4.3. | 8.1 |
| 2020-01-30 | CVE-2019-20050 | OS Command Injection vulnerability in Artica Pandora FMS 7.42 Pandora FMS = 7.42 suffers from a remote code execution vulnerability. | 6.8 |
| 2020-01-29 | CVE-2020-8438 | OS Command Injection vulnerability in Arris Ruckus Zoneflex R500 Firmware 104.0.0.0.1347 Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat${IFS} substring. | 7.2 |