Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-20 | CVE-2024-28767 | IBM Security Directory Integrator 7.2.0 through 7.2.0.13 and 10.0.0 through 10.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. low complexity CWE-78 | 6.8 |
| 2024-12-20 | CVE-2024-12829 | OS Command Injection vulnerability in Arista NG Firewall 17.1.1 Arista NG Firewall ExecManagerImpl Command Injection Remote Code Execution Vulnerability. | 8.8 |
| 2024-12-19 | CVE-2021-26115 | OS Command Injection vulnerability in Fortinet Fortiwan An OS command injection (CWE-78) vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.An OS command injection (CWE-78) vulnerability in FortiWAN Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command. | 7.8 |
| 2024-12-18 | CVE-2024-12686 | OS Command Injection vulnerability in Beyondtrust Remote Support A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user. | 7.2 |
| 2024-12-13 | CVE-2024-22461 | OS Command Injection vulnerability in Dell Recoverpoint for Virtual Machines 6.0 Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. | 8.8 |
| 2024-12-13 | CVE-2024-48008 | OS Command Injection vulnerability in Dell Recoverpoint for Virtual Machines 6.0 Dell RecoverPoint for Virtual Machines 6.0.x contains a OS Command Injection vulnerability. | 6.5 |
| 2024-12-09 | CVE-2024-12358 | OS Command Injection vulnerability in Datax-Web Project Datax-Web 2.1.1 A vulnerability was found in WeiYe-Jing datax-web 2.1.1. | 8.8 |
| 2024-12-07 | CVE-2024-47115 | OS Command Injection vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3 and VIOS 3.1 and 4.1 could allow a local user to execute arbitrary commands on the system due to improper neutralization of input. | 7.8 |
| 2024-12-04 | CVE-2024-51465 | IBM App Connect Enterprise Certified Container 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, and 12.3 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |
| 2024-11-29 | CVE-2024-49803 | OS Command Injection vulnerability in IBM Security Verify Access IBM Security Verify Access Appliance 10.0.0 through 10.0.8 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |