• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-78

CVE-2021-26616

February 23, 2023 by

An OS command injection was found in SecuwaySSL, when special characters injection on execute command with runCommand arguments.

CVE-2021-26472

February 23, 2023 by

In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.

CVE-2021-26476

February 23, 2023 by

EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal?year= URI.

CVE-2021-26541

February 23, 2023 by

The gitlog function in src/index.ts in gitlog before 4.0.4 has a command injection vulnerability.

CVE-2021-26543

February 23, 2023 by

The “gitDiff” function in Wayfair git-parse <=1.0.4 has a command injection vulnerability. Clients of the git-parse library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. The issue has been resolved in version 1.0.5.

CVE-2021-26097

February 23, 2023 by

An improper neutralization of special elements used in an OS Command vulnerability in FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6 may allow an authenticated attacker with access to the web GUI to execute unauthorized code or commands via specifically crafted HTTP requests.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 259
  • Go to page 260
  • Go to page 261
  • Go to page 262
  • Go to page 263
  • Interim pages omitted …
  • Go to page 342
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE