Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-09 | CVE-2022-48582 | OS Command Injection vulnerability in Sciencelogic SL1 A command injection vulnerability exists in the ticket report generate feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. | 8.8 |
| 2023-08-09 | CVE-2022-48583 | OS Command Injection vulnerability in Sciencelogic SL1 A command injection vulnerability exists in the dashboard scheduler feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a shell command. | 8.8 |
| 2023-08-09 | CVE-2022-48584 | OS Command Injection vulnerability in Sciencelogic SL1 A command injection vulnerability exists in the download and convert report feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a shell command. | 8.8 |
| 2023-08-08 | CVE-2023-37569 | OS Command Injection vulnerability in Esds.Co Emagic Data Center Management This vulnerability exists in ESDS Emagic Data Center Management Suit due to lack of input sanitization in its Ping component. | 8.8 |
| 2023-08-04 | CVE-2023-33374 | OS Command Injection vulnerability in Connectedio Connected IO Connected IO v2.1.0 and prior has a command as part of its communication protocol allowing the management platform to specify arbitrary OS commands for devices to execute. | 9.8 |
| 2023-08-04 | CVE-2023-33377 | OS Command Injection vulnerability in Connectedio Connected IO Connected IO v2.1.0 and prior has an OS command injection vulnerability in the set firewall command in part of its communication protocol, enabling attackers to execute arbitrary OS commands on devices. | 9.8 |
| 2023-08-03 | CVE-2023-33364 | OS Command Injection vulnerability in Supremainc Biostar 2 An OS Command injection vulnerability exists in Suprema BioStar 2 before V2.9.1, which allows authenticated users to execute arbitrary OS commands on the BioStar 2 server. | 8.8 |
| 2023-08-01 | CVE-2023-31425 | OS Command Injection vulnerability in Broadcom Fabric Operating System 9.1.0 A vulnerability in the fosexec command of Brocade Fabric OS after Brocade Fabric OS v9.1.0 and, before Brocade Fabric OS v9.1.1 could allow a local authenticated user to perform privilege escalation to root by breaking the rbash shell. | 7.8 |
| 2023-07-31 | CVE-2023-35861 | OS Command Injection vulnerability in Supermicro products A shell-injection vulnerability in email notifications on Supermicro motherboards (such as H12DST-B before 03.10.35) allows remote attackers to inject execute arbitrary commands as root on the BMC. | 9.8 |
| 2023-07-31 | CVE-2023-35019 | OS Command Injection vulnerability in IBM Security Verify Governance 10.0 IBM Security Verify Governance, Identity Manager 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |