Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-14 | CVE-2019-13597 | OS Command Injection vulnerability in Sahipro Sahi PRO 8.0.0 _s_/sprm/_s_/dyn/Player_setScriptFile in Sahi Pro 8.0.0 allows command execution. | 9.8 |
| 2019-07-12 | CVE-2019-13567 | OS Command Injection vulnerability in Zoom The Zoom Client before 4.4.53932.0709 on macOS allows remote code execution, a different vulnerability than CVE-2019-13450. | 8.8 |
| 2019-07-12 | CVE-2019-13574 | OS Command Injection vulnerability in multiple products In lib/mini_magick/image.rb in MiniMagick before 4.9.4, a fetched remote image filename could cause remote command execution because Image.open input is directly passed to Kernel#open, which accepts a '|' character followed by a command. | 7.8 |
| 2019-07-11 | CVE-2019-12579 | OS Command Injection vulnerability in Londontrustmedia Private Internet Access VPN Client 82 A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. | 7.8 |
| 2019-07-11 | CVE-2019-11062 | OS Command Injection vulnerability in Sun.Net Wmpro 5.0/5.1 The SUNNET WMPro v5.0 and v5.1 for eLearning system has OS Command Injection via "/teach/course/doajaxfileupload.php". | 9.8 |
| 2019-07-11 | CVE-2019-13561 | OS Command Injection vulnerability in Dlink Dir-655 Firmware 3.02B05 D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to execute arbitrary commands via shell metacharacters in the online_firmware_check.cgi check_fw_url parameter. | 9.8 |
| 2019-07-10 | CVE-2019-13482 | OS Command Injection vulnerability in Dlink Dir-818Lw Firmware 2.06 An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. | 8.8 |
| 2019-07-10 | CVE-2019-13481 | OS Command Injection vulnerability in Dlink Dir-818Lw Firmware 2.06 An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. | 8.8 |
| 2019-07-10 | CVE-2019-0328 | OS Command Injection vulnerability in SAP Netweaver Process Integration ABAP Tests Modules (SAP Basis, versions 7.0, 7.1, 7.3, 7.31, 7.4, 7.5) of SAP NetWeaver Process Integration enables an attacker the execution of OS commands with privileged rights. | 7.2 |
| 2019-07-10 | CVE-2019-13278 | OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware 1.04B01/2.04/2.04B03 TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an unauthenticated user to run arbitrary commands on the device. | 9.8 |