Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-10 | CVE-2022-45145 | OS Command Injection vulnerability in Call-Cc Chicken egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package installation via escape characters in a .egg file. | 9.8 |
2022-12-08 | CVE-2022-33186 | OS Command Injection vulnerability in Brocade Fabric Operating System A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier versions could allow a remote unauthenticated attacker to execute on a Brocade Fabric OS switch commands capable of modifying zoning, disabling the switch, disabling ports, and modifying the switch IP address. | 9.8 |
2022-12-08 | CVE-2022-45497 | OS Command Injection vulnerability in Tenda W6-S Firmware 1.0.0.4(510) Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection vulnerability in the tpi_get_ping_output function at /goform/exeCommand. | 9.8 |
2022-12-08 | CVE-2022-45506 | OS Command Injection vulnerability in Tenda W30E Firmware 1.0.1.25(633) Tenda W30E v1.0.1.25(633) was discovered to contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName. | 9.8 |
2022-12-08 | CVE-2022-4364 | OS Command Injection vulnerability in Flir AX8 Firmware A vulnerability classified as critical has been found in Teledyne FLIR AX8 up to 1.46.16. | 9.8 |
2022-12-07 | CVE-2022-44606 | OS Command Injection vulnerability in Unimo products OS command injection vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings. | 8.8 |
2022-12-07 | CVE-2022-45025 | OS Command Injection vulnerability in Markdown Preview Enhanced Project Markdown Preview Enhanced 0.19.6/0.6.5 Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom was discovered to contain a command injection vulnerability via the PDF file import function. | 9.8 |
2022-12-07 | CVE-2022-45026 | OS Command Injection vulnerability in Markdown Preview Enhanced Project Markdown Preview Enhanced 0.19.6/0.6.5 An issue in Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom allows attackers to execute arbitrary commands during the GFM export process. | 9.8 |
2022-12-07 | CVE-2022-45915 | OS Command Injection vulnerability in Ilias ILIAS before 7.16 allows OS Command Injection. | 8.8 |
2022-12-06 | CVE-2022-43867 | OS Command Injection vulnerability in IBM Spectrum Scale Container Native Storage Access 5.1.0.1/5.1.2.1/5.1.4.1 IBM Spectrum Scale 5.1.0.1 through 5.1.4.1 could allow a local attacker to execute arbitrary commands in the container. | 7.8 |