Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-01-11 CVE-2024-21773 OS Command Injection vulnerability in Tp-Link products
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands on the product that has pre-specified target devices and blocked URLs in parental control settings.
low complexity
tp-link CWE-78
8.8
2024-01-11 CVE-2024-21821 OS Command Injection vulnerability in Tp-Link products
Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands.
low complexity
tp-link CWE-78
8.0
2024-01-11 CVE-2024-21833 OS Command Injection vulnerability in Tp-Link products
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands.
low complexity
tp-link CWE-78
8.8
2024-01-08 CVE-2023-35959 OS Command Injection vulnerability in Tonybybell Gtkwave 3.3.115
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
local
low complexity
tonybybell CWE-78
7.8
2024-01-08 CVE-2023-35960 OS Command Injection vulnerability in Tonybybell Gtkwave 3.3.115
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
local
low complexity
tonybybell CWE-78
7.8
2024-01-08 CVE-2023-35961 OS Command Injection vulnerability in Tonybybell Gtkwave 3.3.115
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
local
low complexity
tonybybell CWE-78
7.8
2024-01-08 CVE-2023-35962 OS Command Injection vulnerability in Tonybybell Gtkwave 3.3.115
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
local
low complexity
tonybybell CWE-78
7.8
2024-01-08 CVE-2023-35963 OS Command Injection vulnerability in Tonybybell Gtkwave 3.3.115
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
local
low complexity
tonybybell CWE-78
7.8
2024-01-08 CVE-2023-35964 OS Command Injection vulnerability in Tonybybell Gtkwave 3.3.115
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
local
low complexity
tonybybell CWE-78
7.8
2024-01-08 CVE-2023-29048 OS Command Injection vulnerability in Open-Xchange OX APP Suite 7.10.5/7.10.6
A component for parsing OXMF templates could be abused to execute arbitrary system commands that would be executed as the non-privileged runtime user.
network
low complexity
open-xchange CWE-78
8.8