Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-06 | CVE-2017-6884 | OS Command Injection vulnerability in Zyxel Emg2926 Firmware V1.00(Aaqt.4)B8 A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. | 8.8 |
| 2017-04-05 | CVE-2016-9091 | OS Command Injection vulnerability in Bluecoat products Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. | 7.2 |
| 2017-04-04 | CVE-2017-7414 | OS Command Injection vulnerability in Horde Groupware In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition 5.x through 5.2.17, OS Command Injection can occur if the user has PGP features enabled in the user's preferences, and has enabled the "Should PGP signed messages be automatically verified when viewed?" preference. | 7.5 |
| 2017-04-04 | CVE-2017-7413 | OS Command Injection vulnerability in Horde Groupware In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition through 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde Webmail user, has PGP features enabled in their preferences, and attempts to encrypt an email addressed to a maliciously crafted email address. | 8.8 |
| 2017-03-30 | CVE-2017-6182 | OS Command Injection vulnerability in Sophos web Appliance In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304. | 9.8 |
| 2017-03-27 | CVE-2017-5330 | OS Command Injection vulnerability in multiple products ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications. | 7.8 |
| 2017-03-24 | CVE-2017-6087 | OS Command Injection vulnerability in Eonweb Project Eonweb EyesOfNetwork ("EON") 5.0 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the selected_events[] parameter in the (1) acknowledge, (2) delete, or (3) ownDisown function in module/monitoring_ged/ged_functions.php or the (4) module parameter to module/index.php. | 8.8 |
| 2017-03-23 | CVE-2017-6361 | OS Command Injection vulnerability in Qnap QTS QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified vectors. | 9.8 |
| 2017-03-23 | CVE-2017-6360 | OS Command Injection vulnerability in Qnap QTS QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and obtain sensitive information via unspecified vectors. | 9.8 |
| 2017-03-23 | CVE-2017-6359 | OS Command Injection vulnerability in Qnap QTS QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and execute arbitrary commands via unspecified vectors. | 9.8 |