Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-13 | CVE-2017-3936 | OS Command Injection vulnerability in Mcafee Epolicy Orchestrator OS Command Injection vulnerability in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, 5.3.1, 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows attackers to run arbitrary OS commands with limited privileges via not sanitizing the user input data before exporting it into a CSV format output. | 9.8 |
| 2018-06-13 | CVE-2018-12268 | OS Command Injection vulnerability in Acccheck Project Acccheck.Pl 0.2.1 acccheck.pl in acccheck 0.2.1 allows Command Injection via shell metacharacters in a username or password file, as demonstrated by injection into an smbclient command line. | 9.8 |
| 2018-06-11 | CVE-2018-6961 | OS Command Injection vulnerability in VMWare NSX Sd-Wan BY Velocloud VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web UI component. | 8.1 |
| 2018-06-08 | CVE-2018-11229 | OS Command Injection vulnerability in Crestron Toolbox Protocol Firmware 1.502.0047.001 Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via command injection in Crestron Toolbox Protocol (CTP). | 9.8 |
| 2018-06-07 | CVE-2018-0274 | OS Command Injection vulnerability in Cisco Network Services Orchestrator A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. | 8.8 |
| 2018-06-05 | CVE-2017-7637 | OS Command Injection vulnerability in Qnap NAS Proxy Server QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to run arbitrary OS commands against the system with root privileges. | 9.8 |
| 2018-06-05 | CVE-2018-6662 | OS Command Injection vulnerability in Mcafee Management of Native Encryption Privilege Escalation vulnerability in McAfee Management of Native Encryption (MNE) before 4.1.4 allows local users to gain elevated privileges via a crafted user input. | 7.8 |
| 2018-06-04 | CVE-2017-16042 | OS Command Injection vulnerability in Growl Project Growl Growl adds growl notification support to nodejs. | 9.8 |
| 2018-06-02 | CVE-2018-11189 | OS Command Injection vulnerability in Quest Disk Backup Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 1 of 6). | 8.8 |
| 2018-06-02 | CVE-2018-11188 | OS Command Injection vulnerability in Quest Disk Backup Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 46 of 46). | 8.8 |