Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-22 | CVE-2024-29185 | OS Command Injection vulnerability in Freescout FreeScout is a self-hosted help desk and shared mailbox. | 9.0 |
| 2024-03-22 | CVE-2024-2448 | OS Command Injection vulnerability in Progress Loadmaster 7.1.35.10/7.2.48.10 An OS command injection vulnerability has been identified in LoadMaster. An authenticated UI user with any permission settings may be able to inject commands into a UI component using a shell command resulting in OS command injection. | 8.8 |
| 2024-03-15 | CVE-2023-51699 | OS Command Injection vulnerability in Linuxfoundation Fluid Fluid is an open source Kubernetes-native Distributed Dataset Orchestrator and Accelerator for data-intensive applications. | 6.0 |
| 2024-03-11 | CVE-2024-28187 | OS Command Injection vulnerability in Saitodev SOY CMS 1.8.15/3.14.0/3.14.1 SOY CMS is an open source CMS (content management system) that allows you to build blogs and online shops. | 7.2 |
| 2024-02-23 | CVE-2024-1683 | OS Command Injection vulnerability in Tenable Identity Exposure A DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services. | 7.3 |
| 2024-02-22 | CVE-2023-51450 | OS Command Injection vulnerability in Basercms baserCMS is a website development framework. | 8.1 |
| 2024-02-21 | CVE-2024-1212 | OS Command Injection vulnerability in Progress Loadmaster Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution. | 9.8 |
| 2024-02-20 | CVE-2024-1297 | OS Command Injection vulnerability in Loomio 2.22.0 Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to OS Command Injection. | 9.8 |
| 2024-02-19 | CVE-2023-6260 | OS Command Injection vulnerability in Brivo Acs100 Firmware and Acs300 Firmware Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security.This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3. | 8.8 |
| 2024-02-19 | CVE-2024-25626 | OS Command Injection vulnerability in Linuxfoundation Yocto Yocto Project is an open source collaboration project that helps developers create custom Linux-based systems regardless of the hardware architecture. | 9.8 |