Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-19 | CVE-2019-1010245 | OS Command Injection vulnerability in Linuxfoundation Open Network Operating System The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is affected by: Improper Input Validation. | 9.8 |
| 2019-07-17 | CVE-2019-13640 | OS Command Injection vulnerability in Qbittorrent In qBittorrent before 4.1.7, the function Application::runExternalProgram() located in app/application.cpp allows command injection via shell metacharacters in the torrent name parameter or current tracker parameter, as demonstrated by remote command execution via a crafted name within an RSS feed. | 9.8 |
| 2019-07-16 | CVE-2019-12992 | OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 6 of 6). | 8.8 |
| 2019-07-16 | CVE-2019-12991 | OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6). | 8.8 |
| 2019-07-16 | CVE-2019-12988 | OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6). | 9.8 |
| 2019-07-16 | CVE-2019-12987 | OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6). | 9.8 |
| 2019-07-16 | CVE-2019-12986 | OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6). | 9.8 |
| 2019-07-16 | CVE-2019-12985 | OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6). | 9.8 |
| 2019-07-16 | CVE-2019-1576 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os 9.0.0/9.0.1/9.0.2 Command injection in PAN-0S 9.0.2 and earlier may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s permissions. | 8.8 |
| 2019-07-14 | CVE-2019-13598 | OS Command Injection vulnerability in Getvera Vera Edge Firmware 1.7.4452 LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port_3480/data_request because the "No unsafe lua allowed" code block is skipped. | 9.8 |