Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-09 | CVE-2020-6757 | OS Command Injection vulnerability in Rasilient Pixelstor 5000 Firmware 4.0.158020150629 contentHostProperties.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows authenticated attackers to remotely execute code via the name parameter. | 8.8 |
| 2020-01-09 | CVE-2020-6756 | OS Command Injection vulnerability in Rasilient Pixelstor 5000 Firmware 4.0.158020150629 languageOptions.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows unauthenticated attackers to remotely execute code via the lang parameter. | 9.8 |
| 2020-01-09 | CVE-2019-20224 | OS Command Injection vulnerability in Artica Pandora FMS 7.0Ng netflow_get_stats in functions_netflow.php in Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ip_src parameter in an index.php?operation/netflow/nf_live_view request. | 8.8 |
| 2020-01-09 | CVE-2014-2650 | OS Command Injection vulnerability in Atos products Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an OS command injection vulnerability in the web based management interface | 9.8 |
| 2020-01-08 | CVE-2019-10777 | OS Command Injection vulnerability in Amazon AWS Lambda In aws-lambda versions prior to version 1.0.5, the "config.FunctioName" is used to construct the argument used within the "exec" function without any sanitization. | 9.8 |
| 2020-01-08 | CVE-2019-10778 | OS Command Injection vulnerability in Devcert-Sanscache Project Devcert-Sanscache devcert-sanscache before 0.4.7 allows remote attackers to execute arbitrary code or cause a Command Injection via the exec function. | 9.8 |
| 2020-01-07 | CVE-2019-17148 | OS Command Injection vulnerability in Parallels Desktop 14.1.3 This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop version 14.1.3 (45485). | 7.8 |
| 2020-01-07 | CVE-2019-10776 | OS Command Injection vulnerability in Git-Diff-Apply Project Git-Diff-Apply In "index.js" file line 240, the run command executes the git command with a user controlled variable called remoteUrl. | 9.8 |
| 2020-01-06 | CVE-2019-20348 | OS Command Injection vulnerability in Okerthai G232V1 Firmware 1.03.02.20161129 OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UART serial interface without proper access control. | 6.8 |
| 2020-01-06 | CVE-2019-19509 | OS Command Injection vulnerability in Rconfig 3.9.3 An issue was discovered in rConfig 3.9.3. | 8.8 |