• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-78

CVE-2020-7594

February 26, 2023 by

MultiTech Conduit MTCDT-LVW2-24XX 1.4.17-ocea-13592 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Debug Options page and entering shell metacharacters in the interface JSON field of the ping function.

CVE-2020-7596

February 26, 2023 by

Codecov npm module before 3.6.2 allows remote attackers to execute arbitrary commands via the “gcov-args” argument.

CVE-2020-7597

February 26, 2023 by

codecov-node npm module before 3.6.5 allows remote attackers to execute arbitrary commands.The value provided as part of the gcov-root argument is executed by the exec function within lib/codecov.js. This vulnerability exists due to an incomplete fix of CVE-2020-7596.

CVE-2020-7601

February 26, 2023 by

gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands to the “exec” function located in “src/command.js” via the provided options.

CVE-2020-7602

February 26, 2023 by

node-prompt-here through 1.0.1 allows execution of arbitrary commands. The “runCommand()” is called by “getDevices()” function in file “linux/manager.js”, which is required by the “index. process.env.NM_CLI” in the file “linux/manager.js”. This function is used to construct the argument of function “execSync()”, which can be controlled by users without any sanitization.

CVE-2020-7603

February 26, 2023 by

closure-compiler-stream through 0.1.15 allows execution of arbitrary commands. The argument “options” of the exports function in “index.js” can be controlled by users without any sanitization.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 78
  • Go to page 79
  • Go to page 80
  • Go to page 81
  • Go to page 82
  • Interim pages omitted …
  • Go to page 342
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE