Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-15 | CVE-2019-1774 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. | 6.7 |
| 2019-05-15 | CVE-2019-1770 | OS Command Injection vulnerability in Cisco Ns-Ox A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. | 6.7 |
| 2019-05-15 | CVE-2019-1769 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system of an attached line card with the privilege level of root. | 6.7 |
| 2019-05-15 | CVE-2019-1767 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. | 6.7 |
| 2019-05-15 | CVE-2019-11224 | OS Command Injection vulnerability in Harman AMX Mvp5150 Firmware 2.87.13 HARMAN AMX MVP5150 v2.87.13 devices allow remote OS Command Injection. | 8.8 |
| 2019-05-15 | CVE-2019-1727 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and issue arbitrary commands to elevate the attacker's privilege level. | 6.7 |
| 2019-05-15 | CVE-2019-1726 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. | 7.8 |
| 2019-05-15 | CVE-2013-7285 | OS Command Injection vulnerability in Xstream Project Xstream Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. | 9.8 |
| 2019-05-15 | CVE-2019-3727 | OS Command Injection vulnerability in Dell products Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an OS command injection vulnerability in the installation feature of Boxmgmt CLI. | 6.7 |
| 2019-05-15 | CVE-2019-3725 | OS Command Injection vulnerability in RSA Netwitness and Security Analytics RSA Netwitness Platform versions prior to 11.2.1.1 and RSA Security Analytics versions prior to 10.6.6.1 are vulnerable to a Command Injection vulnerability due to missing input validation in the product. | 9.8 |