Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-31 | CVE-2023-43139 | OS Command Injection vulnerability in Franfinance 1.9.0 An issue in franfinance before v.2.0.27 allows a remote attacker to execute arbitrary code via the validation.php, and controllers/front/validation.php components. | 9.8 |
| 2023-10-30 | CVE-2023-47104 | OS Command Injection vulnerability in Vareille Tiny File Dialogs tinyfiledialogs (aka tiny file dialogs) before 3.15.0 allows shell metacharacters (such as a backquote or a dollar sign) in titles, messages, and other input data. | 9.8 |
| 2023-10-26 | CVE-2018-17879 | OS Command Injection vulnerability in Abus products An issue was discovered on certain ABUS TVIP cameras. | 9.8 |
| 2023-10-26 | CVE-2023-43208 | OS Command Injection vulnerability in Nextgen Mirth Connect NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. | 9.8 |
| 2023-10-25 | CVE-2023-20273 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. | 7.2 |
| 2023-10-23 | CVE-2023-33839 | OS Command Injection vulnerability in IBM Security Verify Governance 10.0/10.0.1 IBM Security Verify Governance 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |
| 2023-10-23 | CVE-2023-43066 | OS Command Injection vulnerability in Dell products Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. | 7.8 |
| 2023-10-22 | CVE-2023-46306 | OS Command Injection vulnerability in Netmodule Router Software The web administration interface in NetModule Router Software (NRSW) 4.6 before 4.6.0.106 and 4.8 before 4.8.0.101 executes an OS command constructed with unsanitized user input: shell metacharacters in the /admin/gnssAutoAlign.php device_id parameter. | 6.6 |
| 2023-10-21 | CVE-2023-5684 | OS Command Injection vulnerability in Byzoro Smart S85F Firmware 20231010 A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231012. | 9.8 |
| 2023-10-21 | CVE-2023-5683 | OS Command Injection vulnerability in Byzoro Smart S85F Firmware 20231010 A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231010 and classified as critical. | 9.8 |