• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-77

CVE-2020-11079

February 26, 2023 by

node-dns-sync (npm module dns-sync) through 0.2.0 allows execution of arbitrary commands . This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This has been fixed in 0.2.1.

CVE-2020-11084

February 26, 2023 by

In iPear, the manual execution of the eval() function can lead to command injection. Only PCs where commands are manually executed via “For Developers” are affected. This function allows executing any PHP code within iPear which may change, damage, or steal data (files) from the PC.

CVE-2020-10826

February 26, 2023 by

/cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve command injection via a remote HTTP request in DEBUG mode.

CVE-2020-10666

February 26, 2023 by

The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execution via a URL variable to an AMI command.

CVE-2020-10561

February 26, 2023 by

An issue was discovered on Xiaomi Mi Jia ink-jet printer < 3.4.6_0138. Injecting parameters to ippserver through the web management background, resulting in command execution vulnerabilities.

CVE-2020-10580

February 26, 2023 by

A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary PHP code on the server as the user running the application.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 30
  • Go to page 31
  • Go to page 32
  • Go to page 33
  • Go to page 34
  • Interim pages omitted …
  • Go to page 172
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE