Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-07 | CVE-2018-10697 | OS Command Injection vulnerability in Moxa Awk-3121 Firmware 1.14 An issue was discovered on Moxa AWK-3121 1.14 devices. | 8.8 |
| 2019-06-07 | CVE-2018-5265 | OS Command Injection vulnerability in UI Edgeos 1.9.1 Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters. | 7.2 |
| 2019-06-07 | CVE-2019-12771 | OS Command Injection vulnerability in Thinstation Project Thinstation Command injection is possible in ThinStation through 6.1.1 via shell metacharacters after the cgi-bin/CdControl.cgi action= substring, or after the cgi-bin/VolControl.cgi OK= substring. | 9.8 |
| 2019-06-05 | CVE-2019-9156 | OS Command Injection vulnerability in Gemalto Ezio DS3 Server 2.6.1 Gemalto DS3 Authentication Server 2.6.1-SP01 allows OS Command Injection. | 8.0 |
| 2019-06-05 | CVE-2019-12739 | OS Command Injection vulnerability in Nextcloud Extract lib/Controller/ExtractionController.php in the Extract add-on before 1.2.0 for Nextcloud allows Remote Code Execution via shell metacharacters in a RAR filename via ajax/extractRar.php (nameOfFile and directory parameters). | 8.8 |
| 2019-06-05 | CVE-2019-12735 | OS Command Injection vulnerability in multiple products getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim. | 8.6 |
| 2019-06-05 | CVE-2019-10149 | OS Command Injection vulnerability in multiple products A flaw was found in Exim versions 4.87 to 4.91 (inclusive). | 9.8 |
| 2019-06-03 | CVE-2019-10883 | OS Command Injection vulnerability in Citrix Sd-Wan Center and Netscaler Sd-Wan Center Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN Center 10.0.x before 10.0.7 allow Command Injection. | 9.8 |
| 2019-06-03 | CVE-2019-6738 | OS Command Injection vulnerability in Bitdefender Safepay 23.0.10.34 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. | 8.8 |
| 2019-06-03 | CVE-2019-6736 | OS Command Injection vulnerability in Bitdefender Safepay 23.0.10.34 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. | 8.8 |