Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-20 | CVE-2018-18858 | OS Command Injection vulnerability in Liquidvpn 1.36/1.37 Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. | 7.8 |
| 2018-11-20 | CVE-2018-18857 | OS Command Injection vulnerability in Liquidvpn 1.36/1.37 Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. | 7.8 |
| 2018-11-20 | CVE-2018-18856 | OS Command Injection vulnerability in Liquidvpn 1.36/1.37 Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. | 7.8 |
| 2018-11-16 | CVE-2018-9086 | OS Command Injection vulnerability in Lenovo products In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. | 7.2 |
| 2018-11-15 | CVE-2018-0694 | OS Command Injection vulnerability in Soliton Filezen FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors. | 9.8 |
| 2018-11-14 | CVE-2018-15711 | OS Command Injection vulnerability in Nagios XI 5.5.6 Nagios XI 5.5.6 allows remote authenticated attackers to reset and regenerate the API key of more privileged users. | 8.8 |
| 2018-11-14 | CVE-2018-15710 | OS Command Injection vulnerability in Nagios XI 5.5.6 Nagios XI 5.5.6 allows local authenticated attackers to escalate privileges to root via Autodiscover_new.php. | 7.8 |
| 2018-11-14 | CVE-2018-15709 | OS Command Injection vulnerability in Nagios XI 5.5.6 Nagios XI 5.5.6 allows remote authenticated attackers to execute arbitrary commands via a crafted HTTP request. | 8.8 |
| 2018-11-11 | CVE-2018-19168 | OS Command Injection vulnerability in Fruitywifi Project Fruitywifi Shell Metacharacter Injection in www/modules/save.php in FruityWifi (aka PatatasFritas/PatataWifi) through 2.4 allows remote attackers to execute arbitrary code with root privileges via a crafted mod_name parameter in a POST request. | 9.8 |
| 2018-11-07 | CVE-2018-19081 | OS Command Injection vulnerability in multiple products An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. | 9.8 |