• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-78

CVE-2019-10788

February 26, 2023 by

im-metadata through 3.0.1 allows remote attackers to execute arbitrary commands via the “exec” argument. It is possible to inject arbitrary commands as part of the metadata options which is given to the “exec” function.

CVE-2019-10789

February 26, 2023 by

All versions of curling.js are vulnerable to Command Injection via the run function. The command argument can be controlled by users without any sanitization.

CVE-2019-10791

February 26, 2023 by

promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization.

CVE-2019-10796

February 26, 2023 by

rpi through 0.0.3 allows execution of arbritary commands. The variable pinNumbver in function GPIO within src/lib/gpio.js is used as part of the arguement of exec function without any sanitization.

CVE-2019-10799

February 26, 2023 by

compile-sass prior to 1.0.5 allows execution of arbritary commands. The function “setupCleanupOnExit(cssPath)” within “dist/index.js” is executed as part of the “rm” command without any sanitization.

CVE-2019-10801

February 26, 2023 by

enpeem through 2.2.0 allows execution of arbitrary commands. The “options.dir” argument is provided to the “exec” function without any sanitization.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 206
  • Go to page 207
  • Go to page 208
  • Go to page 209
  • Go to page 210
  • Interim pages omitted …
  • Go to page 342
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE