Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
command injection vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2021-34722
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local malicious user to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities,...
Cisco Ios Xr
9
CVSSv2
CVE-2018-7567
In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0.0 up to and including 5.0.24 and 6.0.0 up to and including 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall ...
Otrs Otrs 6.0.0
Otrs Otrs 6.0.1
Otrs Otrs
7.5
CVSSv2
CVE-2012-5520
The send_to_sourcefire function in manage_sql.c in OpenVAS Manager 3.x prior to 3.0.4 allows remote malicious users to execute arbitrary commands via the (1) IP address or (2) port number field in an OMP request.
Openvas Openvas Manager 3.0
Openvas Openvas Manager 3.0.0
Openvas Openvas Manager 3.0.2
Openvas Openvas Manager 3.0.1
Openvas Openvas Manager 3.0.3
7.2
CVSSv2
CVE-2018-0185
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local malicious user to inject arbitrary commands into the CLI of the affected software, which could allow the malicious user to gain access to the underlying Linux shell of an affec...
Cisco Ios Xe
7.2
CVSSv2
CVE-2018-0193
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local malicious user to inject arbitrary commands into the CLI of the affected software, which could allow the malicious user to gain access to the underlying Linux shell of an affec...
Cisco Ios Xe
7.2
CVSSv2
CVE-2018-0194
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local malicious user to inject arbitrary commands into the CLI of the affected software, which could allow the malicious user to gain access to the underlying Linux shell of an affec...
Cisco Ios Xe
7.2
CVSSv2
CVE-2018-0182
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local malicious user to inject arbitrary commands into the CLI of the affected software, which could allow the malicious user to gain access to the underlying Linux shell of an affec...
Cisco Ios Xe
10
CVSSv2
CVE-2014-3829
displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) session_id or (2) template_id parameter, related to the command_line variabl...
Merethis Centreon 2.5.1
Merethis Centreon Enterprise Server 2.2
1 EDB exploit
9
CVSSv2
CVE-2018-19908
An issue exists in MISP 2.4.9x prior to 2.4.99. In app/Model/Event.php (the STIX 1 import code), an unescaped filename string is used to construct a shell command. This vulnerability can be abused by a malicious authenticated user to execute arbitrary commands by tweaking the ori...
Misp Misp
NA
CVE-2020-249161
Yaws versions 1.81 through 2.0.7 suffer from remote OS command injection and XML external entity injection vulnerabilities.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »