Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-26	CVE-2023-38319	OS Command Injection vulnerability in Opennds An issue was discovered in OpenNDS before 10.1.3. network low complexity opennds CWE-78 critical	9.8
2024-01-26	CVE-2023-38323	OS Command Injection vulnerability in Opennds An issue was discovered in OpenNDS before 10.1.3. network low complexity opennds CWE-78 critical	9.8
2024-01-24	CVE-2024-22366	OS Command Injection vulnerability in Yamaha products Active debug code exists in Yamaha wireless LAN access point devices. low complexity yamaha CWE-78	6.8
2024-01-24	CVE-2024-22372	OS Command Injection vulnerability in Elecom products OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. low complexity elecom CWE-78	6.8
2024-01-24	CVE-2023-31037	OS Command Injection vulnerability in Nvidia Bluefield BMC NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network call. network low complexity nvidia CWE-78	7.2
2024-01-23	CVE-2023-6926	OS Command Injection vulnerability in Crestron Am-300 Firmware 1.4499.00018 There is an OS command injection vulnerability in Crestron AM-300 firmware version 1.4499.00018 which may enable a user of a limited-access SSH session to escalate their privileges to root-level access. local low complexity crestron CWE-78	7.8
2024-01-22	CVE-2024-0778	OS Command Injection vulnerability in Uniview ISC 2500-S Firmware 20210930 UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. network low complexity uniview CWE-78 critical	9.8
2024-01-19	CVE-2023-49329	OS Command Injection vulnerability in Anomali Match 4.3/4.5.0/4.6.0 Anomali Match before 4.6.2 allows OS Command Injection. network low complexity anomali CWE-78	7.2
2024-01-19	CVE-2024-0714	OS Command Injection vulnerability in Sourcefabric Phoniebox A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.5.0. network low complexity sourcefabric CWE-78 critical	9.8
2024-01-18	CVE-2023-51217	OS Command Injection vulnerability in Tenhot Tws-200 Firmware 4.0201809201424 An issue discovered in TenghuTOS TWS-200 firmware version:V4.0-201809201424 allows a remote attacker to execute arbitrary code via crafted command on the ping page component. network low complexity tenhot CWE-78	8.8