Total
1755 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-47253 | 1 Qualitor | 1 Qalitor | 2023-11-14 | N/A | 9.8 CRITICAL |
| Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter. | |||||
| CVE-2020-2509 | 1 Qnap | 2 Qts, Quts Hero | 2023-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later QTS 4.5.1.1495 Build 20201123 and later QTS 4.3.6.1620 Build 20210322 and later QTS 4.3.4.1632 Build 20210324 and later QTS 4.3.3.1624 Build 20210416 and later QTS 4.2.6 Build 20210327 and later QuTS hero h4.5.1.1491 build 20201119 and later | |||||
| CVE-2021-44051 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2023-11-14 | 6.5 MEDIUM | 8.8 HIGH |
| A command injection vulnerability has been reported to affect QNAP NAS running QuTScloud, QuTS hero and QTS. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QuTScloud, QuTS hero and QTS: QuTScloud c5.0.1.1949 and later QuTS hero h5.0.0.1986 build 20220324 and later QTS 5.0.0.1986 build 20220324 and later | |||||
| CVE-2022-43623 | 1 Dlink | 2 Dir-1935, Dir-1935 Firmware | 2023-11-08 | N/A | 6.8 MEDIUM |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of SetWebFilterSetting requests to the web management portal. When parsing the WebFilterURLs element, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-16140. | |||||
| CVE-2023-46484 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-11-08 | N/A | 9.8 CRITICAL |
| An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setLedCfg function. | |||||
| CVE-2023-46485 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-11-08 | N/A | 9.8 CRITICAL |
| An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setTracerouteCfg function of the stecgi.cgi component. | |||||
| CVE-2023-46993 | 1 Totolink | 2 A3300r, A3300r Firmware | 2023-11-08 | N/A | 9.8 CRITICAL |
| In TOTOLINK A3300R V17.0.0cu.557_B20221024 when dealing with setLedCfg request, there is no verification for the enable parameter, which can lead to command injection. | |||||
| CVE-2023-46976 | 1 Totolink | 2 A3300r, A3300r Firmware | 2023-11-08 | N/A | 9.8 CRITICAL |
| TOTOLINK A3300R 17.0.0cu.557_B20221024 contains a command injection via the file_name parameter in the UploadFirmwareFile function. | |||||
| CVE-2023-46979 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-11-08 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R V9.4.0cu.852_B20230719 was discovered to contain a command injection vulnerability via the enable parameter in the setLedCfg function. | |||||
| CVE-2023-4310 | 1 Beyondtrust | 2 Privileged Remote Access, Remote Support | 2023-11-07 | N/A | 9.8 CRITICAL |
| BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injection vulnerability which can be exploited through a malicious HTTP request. Successful exploitation of this vulnerability can allow an unauthenticated remote attacker to execute underlying operating system commands within the context of the site user. This issue is fixed in version 23.2.3. | |||||
| CVE-2023-4212 | 1 Trane | 8 Pivot, Pivot Firmware, Xl1050 and 5 more | 2023-11-07 | N/A | 6.8 MEDIUM |
| A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats allowing an attacker to execute arbitrary commands as root using a specially crafted filename. The vulnerability requires physical access to the device via a USB stick. | |||||
| CVE-2023-36642 | 1 Fortinet | 1 Fortitester | 2023-11-07 | N/A | 7.8 HIGH |
| An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiTester 3.0.0 through 7.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | |||||
| CVE-2023-34153 | 3 Fedoraproject, Imagemagick, Redhat | 4 Extra Packages For Enterprise Linux, Fedora, Imagemagick and 1 more | 2023-11-07 | N/A | 7.8 HIGH |
| A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding. | |||||
| CVE-2023-33625 | 1 Dlink | 2 Dir-600, Dir-600 Firmware | 2023-11-07 | N/A | 9.8 CRITICAL |
| D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability via the ST parameter in the lxmldbc_system() function. | |||||
| CVE-2023-31569 | 1 Totolink | 2 X5000r, X5000r Firmware | 2023-11-07 | N/A | 9.8 CRITICAL |
| TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection via the setWanCfg function. | |||||
| CVE-2023-28935 | 1 Apache | 1 Unstructured Information Management Architecture | 2023-11-07 | N/A | 8.8 HIGH |
| ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache UIMA DUCC. When using the "Distributed UIMA Cluster Computing" (DUCC) module of Apache UIMA, an authenticated user that has the permissions to modify core entities can cause command execution as the system user that runs the web process. As the "Distributed UIMA Cluster Computing" module for UIMA is retired, we do not plan to release a fix for this issue. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-28712 | 1 Propumpservice | 2 Osprey Pump Controller, Osprey Pump Controller Firmware | 2023-11-07 | N/A | 9.8 CRITICAL |
| Osprey Pump Controller version 1.01 contains an unauthenticated command injection vulnerability that could allow system access with www-data permissions. | |||||
| CVE-2023-26155 | 1 Nrhirani | 1 Node-qpdf | 2023-11-07 | N/A | 9.8 CRITICAL |
| All versions of the package node-qpdf are vulnerable to Command Injection such that the package-exported method encrypt() fails to sanitize its parameter input, which later flows into a sensitive command execution API. As a result, attackers may inject malicious commands once they can specify the input pdf file path. | |||||
| CVE-2023-26145 | 1 Derrickgilland | 1 Pydash | 2023-11-07 | N/A | 8.1 HIGH |
| This affects versions of the package pydash before 6.0.0. A number of pydash methods such as pydash.objects.invoke() and pydash.collections.invoke_map() accept dotted paths (Deep Path Strings) to target a nested Python object, relative to the original source object. These paths can be used to target internal class attributes and dict items, to retrieve, modify or invoke nested Python objects. **Note:** The pydash.objects.invoke() method is vulnerable to Command Injection when the following prerequisites are satisfied: 1) The source object (argument 1) is not a built-in object such as list/dict (otherwise, the __init__.__globals__ path is not accessible) 2) The attacker has control over argument 2 (the path string) and argument 3 (the argument to pass to the invoked method) The pydash.collections.invoke_map() method is also vulnerable, but is harder to exploit as the attacker does not have direct control over the argument to be passed to the invoked function. | |||||
| CVE-2023-26134 | 1 Git-commit-info Project | 1 Git-commit-info | 2023-11-07 | N/A | 9.8 CRITICAL |
| Versions of the package git-commit-info before 2.0.2 are vulnerable to Command Injection such that the package-exported method gitCommitInfo () fails to sanitize its parameter commit, which later flows into a sensitive command execution API. As a result, attackers may inject malicious commands once they control the hash content. | |||||