Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-03 | CVE-2023-33364 | OS Command Injection vulnerability in Supremainc Biostar 2 An OS Command injection vulnerability exists in Suprema BioStar 2 before V2.9.1, which allows authenticated users to execute arbitrary OS commands on the BioStar 2 server. | 8.8 |
| 2023-08-01 | CVE-2023-31425 | OS Command Injection vulnerability in Broadcom Fabric Operating System 9.1.0 A vulnerability in the fosexec command of Brocade Fabric OS after Brocade Fabric OS v9.1.0 and, before Brocade Fabric OS v9.1.1 could allow a local authenticated user to perform privilege escalation to root by breaking the rbash shell. | 7.8 |
| 2023-07-31 | CVE-2023-35861 | OS Command Injection vulnerability in Supermicro products A shell-injection vulnerability in email notifications on Supermicro motherboards (such as H12DST-B before 03.10.35) allows remote attackers to inject execute arbitrary commands as root on the BMC. | 9.8 |
| 2023-07-31 | CVE-2023-35019 | OS Command Injection vulnerability in IBM Security Verify Governance 10.0 IBM Security Verify Governance, Identity Manager 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |
| 2023-07-30 | CVE-2023-37213 | OS Command Injection vulnerability in Synel Synergy/A Firmware Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection' | 9.8 |
| 2023-07-26 | CVE-2023-38673 | OS Command Injection vulnerability in Paddlepaddle PaddlePaddle before 2.5.0 has a command injection in fs.py. | 9.8 |
| 2023-07-24 | CVE-2023-38056 | OS Command Injection vulnerability in Otrs Improper Neutralization of commands allowed to be executed via OTRS System Configuration e.g. | 7.2 |
| 2023-07-21 | CVE-2023-37903 | OS Command Injection vulnerability in VM2 Project VM2 vm2 is an open source vm/sandbox for Node.js. | 10.0 |
| 2023-07-18 | CVE-2023-36670 | OS Command Injection vulnerability in Kratosdefense NGC Indoor Unit Firmware 9.1.0.4 A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. | 9.8 |
| 2023-07-18 | CVE-2023-37477 | OS Command Injection vulnerability in Fit2Cloud 1Panel 1Panel is an open source Linux server operation and maintenance management panel. | 8.8 |