Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-04-04 | CVE-2023-3454 | OS Command Injection vulnerability in Broadcom Fabric Operating System Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could allow an attacker to execute arbitrary code and use this to gain root access to the Brocade switch. | 9.8 |
2024-04-02 | CVE-2024-2389 | OS Command Injection vulnerability in Progress Flowmon In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified. An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands. | 9.8 |
2024-03-22 | CVE-2024-29185 | OS Command Injection vulnerability in Freescout FreeScout is a self-hosted help desk and shared mailbox. | 9.0 |
2024-03-22 | CVE-2024-2448 | OS Command Injection vulnerability in Progress Loadmaster 7.1.35.10/7.2.48.10 An OS command injection vulnerability has been identified in LoadMaster. An authenticated UI user with any permission settings may be able to inject commands into a UI component using a shell command resulting in OS command injection. | 8.8 |
2024-03-15 | CVE-2023-51699 | OS Command Injection vulnerability in Linuxfoundation Fluid Fluid is an open source Kubernetes-native Distributed Dataset Orchestrator and Accelerator for data-intensive applications. | 6.0 |
2024-03-11 | CVE-2024-28187 | OS Command Injection vulnerability in Saitodev SOY CMS 1.8.15/3.14.0/3.14.1 SOY CMS is an open source CMS (content management system) that allows you to build blogs and online shops. | 7.2 |
2024-02-23 | CVE-2024-1683 | OS Command Injection vulnerability in Tenable Identity Exposure A DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services. | 7.3 |
2024-02-22 | CVE-2023-51450 | OS Command Injection vulnerability in Basercms baserCMS is a website development framework. | 8.1 |
2024-02-21 | CVE-2024-1212 | OS Command Injection vulnerability in Progress Loadmaster Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution. | 9.8 |
2024-02-20 | CVE-2024-1297 | OS Command Injection vulnerability in Loomio 2.22.0 Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to OS Command Injection. | 9.8 |