Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
systeminformation systeminformation vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-42810
systeminformation is a System Information Library for Node.JS. Versions 5.0.0 up to and including 5.21.6 have a SSID Command Injection Vulnerability. The problem was fixed with a parameter check in version 5.21.7. As a workaround, check or sanitize parameter strings that are pass...
Systeminformation Systeminformation
9.8
CVSSv3
CVE-2020-26300
systeminformation is an npm package that provides system and OS information library for node.js. In systeminformation before version 4.26.2 there is a command injection vulnerability. Problem was fixed in version 4.26.2 with a shell string sanitation fix.
Systeminformation Systeminformation
9.8
CVSSv3
CVE-2021-21388
systeminformation is an open source system and OS information library for node.js. A command injection vulnerability has been discovered in versions of systeminformation before 5.6.4. The issue has been fixed with a parameter check on user input. Please upgrade to version >= 5...
Systeminformation Systeminformation
7.8
CVSSv3
CVE-2021-21315
The System Information Library for Node.JS (npm package "systeminformation") is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem...
Systeminformation Systeminformation
Apache Cordova 10.0.0
16 Github repositories
8.8
CVSSv3
CVE-2020-26274
In systeminformation (npm package) before version 4.31.1 there is a command injection vulnerability. The problem was fixed in version 4.31.1 with a shell string sanitation fix.
Systeminformation Systeminformation
9.8
CVSSv3
CVE-2020-26245
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be s...
Systeminformation Systeminformation
7.3
CVSSv3
CVE-2020-7778
This affects the package systeminformation prior to 4.30.2. The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands.
Systeminformation Systeminformation
8.8
CVSSv3
CVE-2020-7752
This affects the package systeminformation prior to 4.27.11. This package is vulnerable to Command Injection. The attacker can concatenate curl's parameters to overwrite Javascript files and then execute any OS commands.
Systeminformation Systeminformation
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started