command injection vulnerabilities and exploits
NA
CVE-2022-25765
The package pdfkit from 0.0.0 is vulnerable to Command Injection where the URL is not properly sanitized.
Pdfkit Project Pdfkit
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
9 Github repositories
10
CVSSv2
CVE-2014-8389
cgi-bin/mft/wireless_mft.cgi in AirLive BU-2015 with firmware 1.03.18 16.06.2014, AirLive BU-3026 with firmware 1.43 21.08.2014, AirLive MD-3025 with firmware 1.81 21.08.2014, AirLive WL-2000CAM with firmware LM.1.6.18 14.10.2011, and AirLive POE-200CAM v2 with firmware LM.1.6.17...
Airlive Bu-3026 Firmware 1.43 21.08.2014
Airlive Md-3025 Firmware 1.81 21.08.2014
Airlive Wl-2000cam Firmware Lm.1.6.18 14.10.2011
Airlive Poe-200cam V2 Firmware Lm.1.6.17.01
Airlive Bu-2015 Firmware 1.03.18 16.06.2014
10
CVSSv2
CVE-2020-13802
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification.
Erlang Rebar3 3.0.0
Erlang Rebar3
NA
CVE-2024-23749
KiTTY versions 0.76.1.13 and before are vulnerable to command injection via the filename variable, which occurs due to insufficient input sanitization and validation, failure to escape special characters, and insecure system calls (at lines 2369-2390). This allows a malicious user to a...
9bis Kitty
NA
CVE-2014-83893
Core Security Technologies Advisory - AirLive MD-3025, BU-3026, BU-2015, WL-2000CAM, and POE-200CAM are IP cameras designed for professional surveillance and security applications. The built-in IR LEDs provide high quality nighttime monitoring. These AirLive devices are vulnerabl...
NA
CVE-2022-45639
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows malicious users to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the ...
Sleuthkit The Sleuth Kit 4.11.1
NA
CVE-2022-35914
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI up to and including 10.0.2 allows PHP code injection.
Glpi-project Glpi
10 Github repositories
NA
CVE-2023-23333
There is a command injection vulnerability in SolarView Compact up to and including 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
Contec Solarview Compact Firmware
4 Github repositories
7.2
CVSSv2
CVE-2018-0477
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local malicious user to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software improperly sanitizes c...
Cisco Ios Xe 16.7(1)
Cisco Ios Xe 16.7.1
Cisco Ios Xe 15.3(3)s3.16
7.2
CVSSv2
CVE-2018-0481
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local malicious user to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software improperly sanitizes c...
Cisco Ios Xe 15.3(3)s3.16
Cisco Ios Xe 16.7.1
Cisco Ios Xe 16.7(1)