Total
1690 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1547 | 1 Cisco | 12 Wap125, Wap125 Firmware, Wap131 and 9 more | 2023-11-07 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device. To exploit these vulnerabilities, the attacker must have valid administrative credentials for the device. | |||||
| CVE-2021-1488 | 1 Cisco | 10 Adaptive Security Appliance Software, Firepower 1010, Firepower 1120 and 7 more | 2023-11-07 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject commands that could be executed with root privileges on the underlying operating system (OS). This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by uploading a crafted upgrade package file to an affected device. A successful exploit could allow the attacker to inject commands that could be executed with root privileges on the underlying OS. | |||||
| CVE-2021-1443 | 1 Cisco | 1 Ios Xe | 2023-11-07 | 8.5 HIGH | 7.2 HIGH |
| A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying operating system of an affected device. The vulnerability exists because the affected software improperly sanitizes values that are parsed from a specific configuration file. An attacker could exploit this vulnerability by tampering with a specific configuration file and then sending an API call. A successful exploit could allow the attacker to inject arbitrary code that would be executed on the underlying operating system of the affected device. To exploit this vulnerability, the attacker would need to have a privileged set of credentials to the device. | |||||
| CVE-2021-1384 | 1 Cisco | 1 Ios Xe | 2023-11-07 | 8.5 HIGH | 7.2 HIGH |
| A vulnerability in Cisco IOx application hosting environment of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands into the underlying operating system as the root user. This vulnerability is due to incomplete validation of fields in the application packages loaded onto IOx. An attacker could exploit this vulnerability by creating a crafted application .tar file and loading it onto the device. A successful exploit could allow the attacker to perform command injection into the underlying operating system as the root user. | |||||
| CVE-2021-1382 | 1 Cisco | 1 Ios Xe | 2023-11-07 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root privileges. | |||||
| CVE-2020-15180 | 4 Debian, Galeracluster, Mariadb and 1 more | 4 Debian Linux, Galera Cluster For Mysql, Mariadb and 1 more | 2023-11-07 | 6.8 MEDIUM | 9.0 CRITICAL |
| A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and availability. This flaw affects mariadb versions before 10.1.47, before 10.2.34, before 10.3.25, before 10.4.15 and before 10.5.6. | |||||
| CVE-2020-14342 | 3 Fedoraproject, Opensuse, Samba | 3 Fedora, Leap, Cifs-utils | 2023-11-07 | 4.4 MEDIUM | 7.0 HIGH |
| It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo rules, could use this flaw to escalate their privileges. | |||||
| CVE-2020-10519 | 1 Github | 1 Github | 2023-11-07 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted and made it possible to execute commands on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 2.22.7 and was fixed in 2.22.7, 2.21.15, and 2.20.24. The underlying issues contributing to this vulnerability were identified through the GitHub Security Bug Bounty program. | |||||
| CVE-2019-5420 | 3 Debian, Fedoraproject, Rubyonrails | 3 Debian Linux, Fedora, Rails | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit. | |||||
| CVE-2019-5413 | 1 Morgan Project | 1 Morgan | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| An attacker can use the format parameter to inject arbitrary commands in the npm package morgan < 1.9.1. | |||||
| CVE-2019-14745 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to improper handling of symbol names embedded in executables. | |||||
| CVE-2019-1000018 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. This attack appear to be exploitable via An authorized SSH user with the allowscp permission. | |||||
| CVE-2018-12465 | 1 Microfocus | 1 Secure Messaging Gateway | 2023-11-07 | 9.0 HIGH | 7.2 HIGH |
| An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway (SMG) allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve unauthenticated remote code execution. Affects Micro Focus Secure Messaging Gateway versions prior to 471. It does not affect previous versions of the product that used GWAVA product name (i.e. GWAVA 6.5). | |||||
| CVE-2018-11106 | 1 Netgear | 10 Wc7500, Wc7500 Firmware, Wc7520 and 7 more | 2023-11-07 | 10.0 HIGH | 9.8 CRITICAL |
| NETGEAR has released fixes for a pre-authentication command injection in request_handler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to 6.5.3.5; WC7600v2, running firmware versions prior to 6.5.3.5; and WC9500, running firmware versions prior to 6.5.3.5. | |||||
| CVE-2018-1000802 | 4 Canonical, Debian, Opensuse and 1 more | 4 Ubuntu Linux, Debian Linux, Leap and 1 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace. | |||||
| CVE-2017-15403 | 1 Google | 2 Chrome, Chrome Os | 2023-11-07 | 4.4 MEDIUM | 7.3 HIGH |
| Insufficient data validation in crosh could lead to a command injection under chronos privileges in Networking in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to execute arbitrary code via a crafted HTML page. | |||||
| CVE-2016-8628 | 1 Redhat | 1 Ansible | 2023-11-07 | 9.0 HIGH | 9.1 CRITICAL |
| Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as. | |||||
| CVE-2016-7076 | 1 Sudo Project | 1 Sudo | 2023-11-07 | 7.2 HIGH | 7.8 HIGH |
| sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges. | |||||
| CVE-2016-5397 | 1 Apache | 1 Thrift | 2023-11-07 | 9.0 HIGH | 8.8 HIGH |
| The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in Apache Thrift 0.10.0. | |||||
| CVE-2016-2396 | 1 Sonicwall | 4 Analyzer, Global Management System, Uma Em5000 and 1 more | 2023-11-07 | 9.0 HIGH | 9.9 CRITICAL |
| The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input. | |||||