Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-09 | CVE-2018-1000042 | OS Command Injection vulnerability in Securityonion Squert Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result in execution of OS Commands. | 9.8 |
| 2018-02-09 | CVE-2018-1000019 | OS Command Injection vulnerability in Open-Emr Openemr 5.0.0 OpenEMR version 5.0.0 contains a OS Command Injection vulnerability in fax_dispatch.php that can result in OS command injection by an authenticated attacker with any role. | 8.8 |
| 2018-02-08 | CVE-2018-0514 | OS Command Injection vulnerability in Futomi MP Form Mail CGI MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. | 9.8 |
| 2018-02-08 | CVE-2018-0512 | OS Command Injection vulnerability in Iodata products Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. | 6.8 |
| 2018-02-08 | CVE-2018-0122 | OS Command Injection vulnerability in Cisco Staros 21.3.0.67664 A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. | 4.4 |
| 2018-02-07 | CVE-2018-6791 | OS Command Injection vulnerability in multiple products An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. | 6.8 |
| 2018-02-03 | CVE-2018-1185 | OS Command Injection vulnerability in Dell products An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. | 6.7 |
| 2018-02-03 | CVE-2018-1184 | OS Command Injection vulnerability in Dell products An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. | 6.7 |
| 2018-01-29 | CVE-2018-6388 | OS Command Injection vulnerability in Iball Ib-Wra150N Firmware 1.2.6 iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping test arguments on the Diagnostics page. | 8.8 |
| 2018-01-27 | CVE-2018-6353 | OS Command Injection vulnerability in Electrum The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code without considering (1) social-engineering attacks in which a user pastes code that they do not understand and (2) code pasted by a physically proximate attacker at an unattended workstation, which makes it easier for attackers to steal Bitcoin via hook code that runs at a later time when the wallet password has been entered, a different vulnerability than CVE-2018-1000022. | 7.8 |