• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-78

CVE-2020-28426

February 26, 2023 by

All versions of package kill-process-on-port are vulnerable to Command Injection via a.getProcessPortId.

CVE-2020-28429

February 26, 2023 by

All versions of package geojson2kml are vulnerable to Command Injection via the index.js file. PoC: var a =require(“geojson2kml”); a(“./”,”& touch JHU”,function(){})

CVE-2020-28431

February 26, 2023 by

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE-2020-28432

February 26, 2023 by

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE-2020-28347

February 26, 2023 by

tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. NOTE: this issue exists because of an incomplete fix for CVE-2020-10882 in which shell quotes are mishandled.

CVE-2020-28188

February 26, 2023 by

Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 103
  • Go to page 104
  • Go to page 105
  • Go to page 106
  • Go to page 107
  • Interim pages omitted …
  • Go to page 342
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE