Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-28 | CVE-2019-1745 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with elevated privileges. | 7.8 |
| 2019-03-26 | CVE-2019-10061 | OS Command Injection vulnerability in Node-Opencv Project Node-Opencv utils/find-opencv.js in node-opencv (aka OpenCV bindings for Node.js) prior to 6.1.0 is vulnerable to Command Injection. | 9.8 |
| 2019-03-21 | CVE-2018-3969 | OS Command Injection vulnerability in Getcujo Smart Firewall 7003 An exploitable vulnerability exists in the verified boot protection of the CUJO Smart Firewall. | 7.8 |
| 2019-03-21 | CVE-2019-7385 | OS Command Injection vulnerability in Raisecom products An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below, The values of the newpass and confpass parameters in /bin/WebMGR are used in a system call in the firmware. | 7.8 |
| 2019-03-21 | CVE-2019-7384 | OS Command Injection vulnerability in Raisecom products An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below. | 7.8 |
| 2019-03-21 | CVE-2019-7383 | OS Command Injection vulnerability in Systrome products An issue was discovered on Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W devices with firmware V1.1-R2.1_TRUNK-20181105.bin. | 7.8 |
| 2019-03-21 | CVE-2019-5414 | OS Command Injection vulnerability in Kill-Port Project Kill-Port If an attacker can control the port, which in itself is a very sensitive value, they can inject arbitrary OS commands due to the usage of the exec function in a third-party module kill-port < 1.3.2. | 8.1 |
| 2019-03-21 | CVE-2018-20323 | OS Command Injection vulnerability in Mailcleaner 2018.08 www/soap/application/MCSoap/Logs.php in MailCleaner Community Edition 2018.08 allows remote attackers to execute arbitrary OS commands. | 8.8 |
| 2019-03-21 | CVE-2018-20218 | OS Command Injection vulnerability in Teracue products An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. | 9.8 |
| 2019-03-14 | CVE-2019-9785 | OS Command Injection vulnerability in Gitnoteapp Gitnote 3.1.0 gitnote 3.1.0 allows remote attackers to execute arbitrary code via a crafted Markdown file, as demonstrated by a javascript:window.parent.top.require('child_process').execFile substring in the onerror attribute of an IMG element. | 7.8 |