Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2018-06-02 CVE-2018-11150 OS Command Injection vulnerability in Quest Disk Backup
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 8 of 46).
network
low complexity
quest CWE-78
8.8
2018-06-02 CVE-2018-11149 OS Command Injection vulnerability in Quest Disk Backup
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 7 of 46).
network
low complexity
quest CWE-78
8.8
2018-06-02 CVE-2018-11148 OS Command Injection vulnerability in Quest Disk Backup
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 6 of 46).
network
low complexity
quest CWE-78
8.8
2018-06-02 CVE-2018-11147 OS Command Injection vulnerability in Quest Disk Backup
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 5 of 46).
network
low complexity
quest CWE-78
8.8
2018-06-02 CVE-2018-11146 OS Command Injection vulnerability in Quest Disk Backup
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 4 of 46).
network
low complexity
quest CWE-78
8.8
2018-06-02 CVE-2018-11145 OS Command Injection vulnerability in Quest Disk Backup
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 3 of 46).
network
low complexity
quest CWE-78
8.8
2018-06-02 CVE-2018-11144 OS Command Injection vulnerability in Quest Disk Backup
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 2 of 46).
network
low complexity
quest CWE-78
8.8
2018-06-02 CVE-2018-11143 OS Command Injection vulnerability in Quest Disk Backup
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 1 of 46).
network
low complexity
quest CWE-78
critical
9.8
2018-06-01 CVE-2018-3757 OS Command Injection vulnerability in Pdf-Image Project Pdf-Image 2.0.0
Command injection exists in pdf-image v2.0.0 due to an unescaped string parameter.
network
low complexity
pdf-image-project CWE-78
critical
9.8
2018-06-01 CVE-2018-3746 OS Command Injection vulnerability in Pdfinfojs Project Pdfinfojs
The pdfinfojs NPM module versions <= 0.3.6 has a command injection vulnerability that allows an attacker to execute arbitrary commands on the victim's machine.
network
low complexity
pdfinfojs-project CWE-78
critical
9.8