• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-77

CVE-2020-29299

February 26, 2023 by

Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. This affects VPN On-premise before ZLD V4.39 week38, VPN Orchestrator before SD-OS V10.03 week32, USG before ZLD V4.39 week38, USG FLEX before ZLD V4.55 week38, ATP before ZLD V4.55 week38, and NSG before 1.33 patch 4.

CVE-2020-28901

February 26, 2023 by

Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation or Code Execution as root via vectors related to corrupt component installation in cmd_subsys.php.

CVE-2020-28902

February 26, 2023 by

Command Injection in Nagios Fusion 4.1.8 and earlier allows Privilege Escalation from apache to root in cmd_subsys.php.

CVE-2020-28908

February 26, 2023 by

Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to nagios.

CVE-2020-28443

February 26, 2023 by

This affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js.

CVE-2020-28445

February 26, 2023 by

This affects all versions of package npm-help. The injection point is located in line 13 in index.js file in export.latestVersion() function.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 15
  • Go to page 16
  • Go to page 17
  • Go to page 18
  • Go to page 19
  • Interim pages omitted …
  • Go to page 172
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE