CWE:
 

Topic
Date
Author
High
MobileIron Log4Shell Remote Command Execution
03.08.2022
Spencer McIntyre
High
Roxy-WI Remote Command Execution
26.07.2022
Nuri Cilengir
High
Spryker Commerce OS Remote Command Execution
20.07.2022
David Brown
High
Sourcegraph gitserver sshCommand Remote Command Execution
15.07.2022
Spencer McIntyre
High
Zyxel Buffer Overflow / Format String / Command Injection
20.06.2022
Marco Ivaldi
High
Poly EagleEye Director II 2.2.1.1 Command Injection / Authentication Bypass
07.06.2022
Johannes Kruchem
Med.
Poly Studio X30 / Studio X50 / Studio X70 / G7500 Command Injection
06.06.2022
Johannes Kruchem
Med.
Telesquare SDT-CW3B1 1.1.0 Command Injection
04.06.2022
Bryan Leong
High
Zyxel USG FLEX 5.21 Command Injection
04.06.2022
Valentin Lobstein
High
iTop Remote Command Execution
24.05.2022
Markus Krell
High
SDT-CW3B1 1.1.0 Command Injection
17.05.2022
Ahmed Alroky
High
VMware Workspace ONE Access Template Injection / Command Execution
04.05.2022
mr_me
High
Tenda HG6 3.3.0 Remote Command Injection
03.05.2022
LiquidWorm
Med.
Zyxel NWA-1100-NH Command Injection
19.04.2022
Ahmed Alroky
High
Razer Sila 2.0.418 Command Injection
11.04.2022
Kevin Randall
High
Tdarr 2.00.15 Command Injection
11.03.2022
Sam Smith
High
Hikvision IP Camera Unauthenticated Command Injection
01.03.2022
bashis
High
Grandstream GXV31XX settimezone Unauthenticated Command Execution
09.02.2022
Brendan Coles
High
QEMU Monitor HMP migrate Command Execution
08.02.2022
Brendan Coles
High
Korenix Technology JetWave CSRF / Command Injection / Missing Authentication
07.02.2022
T. Weber
High
Cisco Small Business RV Series Authentication Bypass / Command Injection
02.02.2022
jbaines-r7
High
Grandstream GXV3175 Unauthenticated Command Execution
20.01.2022
Brendan Coles
High
SonicWall SMA 100 Series Authenticated Command Injection
13.01.2022
jbaines-r7
High
meterN 1.2.3 Remote Command Execution
16.12.2021
LiquidWorm
High
GNU gdbserver 9.2 Remote Command Execution
14.12.2021
Roberto Gesteira Miña...
High
Booked Scheduler 2.7.5 Remote Command Execution (RCE) (Authenticated)
14.12.2021
0sunday
High
Advanced Comment System 1.0 Remote Command Execution
02.12.2021
Nicole Daniella Murill...
High
GNU gdbserver 9.2 Remote Command Execution
23.11.2021
Roberto Gesteira Minar...
High
Apache Storm Nimbus 2.2.0 Command Execution
22.11.2021
Spencer McIntyre
High
YeaLink SIP-TXXXP 53.84.0.15 Command Injection
12.11.2021
tahaafarooq
High
GitLab Unauthenticated Remote ExifTool Command Injection
05.11.2021
William Bowling
Med.
Sophos UTM WebAdmin SID Command Injection
29.10.2021
wvu
Med.
Movable Type 7 r.5002 XMLRPC API OS Command Injection (Metasploit)
29.10.2021
Etienne
Med.
Hikvision Web Server Build 210702 Command Injection
25.10.2021
bashis
High
Moodle SpellChecker Path Authenticated Remote Command Execution
12.10.2021
h00die
High
CMSimple_XH 1.7.4 Remote Command Execution
02.10.2021
Halit Akaydin
Low
Apache James Server 2.3.2 Remote Command Execution
28.09.2021
shinris3n
High
Backdrop CMS 1.20.0 Cross Site Request Forgery / Command Execution
23.09.2021
V1n1v131r4
High
elFinder Archive Command Injection
17.09.2021
Shelby Pace
High
Geutebruck Remote Command Execution
04.09.2021
Titouan Lazard
Med.
Moxa Command Injection / Cross Site Scripting / Vulnerable Software
01.09.2021
T. Weber
High
Git LFS Clone Command Execution
31.08.2021
Shelby Pace
Low
Altus Sistemas de Automacao Products CSRF / Command Injection / Hardcoded Credentials
20.08.2021
T. Weber
Med.
Online Notice Board System 1.0 - Remote Command Execution (RCE) throw upload file
19.08.2021
Mosaaed
High
Riak Insecure Default Configuration / Remote Command Execution
06.08.2021
Jeremy Brown
High
ApacheOfBiz 17.12.01 Remote Command Execution
04.08.2021
Álvaro Muñoz
High
Sage X3 Administration Service Authentication Bypass / Command Execution
21.07.2021
Aaron Herndon
Med.
Seagate BlackArmor NAS sg2000-2000.1331 Command Injection
16.07.2021
Metin Yunus Kandemir
Med.
Visual Tools DVR VX16 4.2.28.0 Command Injection
09.07.2021
Andrea D'Ubaldo
High
Netgear DGN2200v1 Remote Command Execution
07.07.2021
SivertPL
High
Docker Dashboard Remote Command Execution
07.07.2021
Jeremy Brown
High
Ricon Industrial Cellular Router S9922XL Remote Command Execution (RCE)
05.07.2021
LiquidWorm
Med.
Dlink DSL2750U Command Injection
25.06.2021
Mohammed Hadi
High
Adobe ColdFusion 8 Remote Command Execution
25.06.2021
Pergyz
Med.
TP-Link TL-WR841N Command Injection
25.06.2021
Koh You Liang
High
Seeddms 5.1.10 Remote Command Execution
25.06.2021
Bryan Leong
High
Cisco Modeling Labs 2.1.1-b19 Remote Command Execution
24.06.2021
Jeremy Brown
Low
SAP Wily Introscope Enterprise OS Command Injection
19.06.2021
Yvan Genuer
High
HashiCorp Nomad Remote Command Execution
15.06.2021
Wyatt Dahlenburg
High
Cisco HyperFlex HX Data Platform Command Execution
06.06.2021
wvu
High
Cacti 1.2.12 SQL Injection / Remote Command Execution
02.06.2021
h00die
Med.
Thecus N4800Eco Command Injection
02.06.2021
Metin Yunus Kandemir
Med.
Korenix CSRF / Backdoor Accounts / Command Injection / Missing Authentication
01.06.2021
T. Weber
Med.
QNAP MusicStation / MalwareRemover File Upload / Command Injection
28.05.2021
polict
High
PHP 8.1.0-dev Backdoor Remote Command Injection
26.05.2021
Richard Jones
High
IGEL OS Secure VNC/Terminal Command Injection
04.05.2021
Rob Vinson
High
Apache Druid 0.20.0 Remote Command Execution
27.04.2021
Litch1
High
OTRS 6.0.1 Remote Command Execution
22.04.2021
Hex_26
High
MariaDB 10.2 /MySQL wsrep_provider OS Command Execution
21.04.2021
Central InfoSec
High
Cockpit CMS 0.11.1 NoSQL Injection / Remote Command Execution
21.04.2021
h00die
High
GravCMS 1.10.7 Remote Command Execution
21.04.2021
Mehmet Ince
High
Genexis PLATINUM 4410 2.1 P4410-V2-1.28 Remote Command Execution
15.04.2021
Jay Sharma
High
vsftpd 2.3.4 Backdoor Command Execution
12.04.2021
HerculesRD
High
F5 iControl Server-Side Request Forgery / Remote Command Execution
04.04.2021
wvu
High
phpPgAdmin 7.13.0 COPY FROM PROGRAM Command Execution (Authenticated)
01.04.2021
Valerio Severini
High
SAP Solution Manager 7.2 Remote Command Execution
27.03.2021
Dmitry Chastuhin
High
MyBB 1.8.25 Remote Command Execution
22.03.2021
SivertPL
Med.
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authenticated Command Injection
19.03.2021
LiquidWorm
Med.
VestaCP 0.9.8 Command Injection
19.03.2021
numan turle
Med.
D-Link DIR-3060 1.11b04 Command Injection
13.03.2021
T Shiomitsu
Low
Webkrea Cross Site Scripting (XSS)
26.02.2021
Tuan Tran
Low
Webkrea Cross Site Scripting (XSS)
17.02.2021
Calvin Bruce
Med.
LiteSpeed Web Server Enterprise 5.4.11 Command Injection
06.02.2021
SunCSR
Med.
Metasploit Framework 6.0.11 Command Injection
30.01.2021
Justin Steven
Med.
Klog Server 2.4.1 Unauthenticated Command Injection (Metasploit)
27.01.2021
Metin
Low
Openlitespeed Web Server 1.7.8 Command Injection (Authenticated)
27.01.2021
SunCSR
High
Cisco UCS Manager 2.2(1d) Remote Command Execution
18.01.2021
liquidsky
Med.
Pepperl+Fuchs IO-Link Master Series 1.36 CSRF / XSS / Command Injection
14.01.2021
T. Weber
High
Online Learning Management System 1.0 Remote Command Execution
06.01.2021
Bedri Sertkaya
Low
SpamTitan 7.07 Command Injection
05.01.2021
Christophe de la Fuent...
Med.
Klog Server 2.4.1 Command Injection
05.01.2021
B3KC4T
High
Webmin 1.962 Remote Command Execution
23.12.2020
AkkuS
High
SCO Openserver 5.0.7 Command Injection
22.12.2020
Ramikan
High
Rejetto HttpFileServer 2.3.x Remote Command Execution
01.12.2020
Oscar Andreu
High
ZeroShell 3.9.0 Remote Command Execution
24.11.2020
Juan Manuel Fernandez
High
Gemtek WVRTM-127ACN 01.01.02.141 Command Injection
22.11.2020
Gabriele Zuddas
High
Aerospike Database 5.1.0.3 Remote Command Execution
18.11.2020
Matt S
High
SaltStack Salt REST API Arbitrary Command Execution
13.11.2020
wvu
High
ASUS TM-AC1900 Arbitrary Command Execution
13.11.2020
b1ack0wl
High
Rapid7 Metasploit Framework msfvenom APK Template Command Injection
10.11.2020
Justin Steven


CVEMAP Search Results

CVE
Details
Description
2022-08-05
Waiting for details
CVE-2022-22140

Updating...
 

 
An os command injection vulnerability exists in the confsrv ucloud_add_node functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a malicious packet to trigger this vulnerability.

 
2022-08-03
Waiting for details
CVE-2022-27616

Updating...
 

 
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in webapi component in Synology DiskStation Manager (DSM) before 7.0.1-42218-3 allows remote authenticated users to execute arbitrary commands via unspecified vectors.

 
Waiting for details
CVE-2022-28668

Updating...
 

 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.9.2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16679.

 
2022-07-28
Waiting for details
CVE-2022-22684

Updating...
 

 
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in task management component in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows remote attackers to execute arbitrary commands via unspecified vectors.

 
2022-07-27
Waiting for details
CVE-2022-2550

Updating...
 

 
OS Command Injection in GitHub repository hestiacp/hestiacp prior to 1.6.5.

 
2022-07-15
Waiting for details
CVE-2022-34251

Updating...
 

 
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

 
Waiting for details
CVE-2022-34247

Updating...
 

 
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

 
Waiting for details
CVE-2022-34217

Updating...
 

 
Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

 
Medium
CVE-2022-32434

Vendor: Opener project
Software: Opener
 

 
EIPStackGroup OpENer v2.3.0 was discovered to contain a stack overflow via /bin/posix/src/ports/POSIX/OpENer+0x56073d.

 
2022-07-14
Medium
CVE-2022-32323

Vendor: Autotrace project
Software: Autotrace
 

 
AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.

 

 


Copyright 2022, cxsecurity.com

 

Back to Top