CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2659

2659 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2020-8130	Ruby Rake 操作系统命令注入漏洞 — https://github.com/ruby/ruby	6.4	-	2020-02-24
CVE-2020-8858	Moxa MGate 5105-MB-EIP 操作系统命令注入漏洞 — MGate 5105-MB-EIP	8.8	-	2020-02-13
CVE-2019-17096	Bitdefender BOX 2 bootstrap get_image_size command injection vulnerability — Bitdefender BOX 2	9.0	Critical	2020-01-28
CVE-2019-17095	Bitdefender BOX 2 bootstrap download_image command injection vulnerability — Bitdefender BOX 2	8.1	High	2020-01-27
CVE-2019-10958	多款Geutebrück产品操作系统命令注入漏洞 — Geutebruck IP Cameras	7.2	-	2020-01-17
CVE-2019-10956	多款Geutebrück产品操作系统命令注入漏洞 — Geutebruck IP Cameras	7.2	-	2020-01-17
CVE-2019-15978	Cisco Data Center Network Manager Command Injection Vulnerabilities — Cisco Data Center Network Manager	7.2	-	2020-01-06
CVE-2019-15979	Cisco Data Center Network Manager Command Injection Vulnerabilities — Cisco Data Center Network Manager	7.2	-	2020-01-06
CVE-2019-16790	Remote Code Execution in Tiny File Manager — Tiny File Manager	6.5	Medium	2019-12-30
CVE-2019-14889	libssh 操作系统命令注入漏洞 — libssh	8.8	-	2019-12-10
CVE-2019-15986	Cisco Unity Express Command Injection Vulnerability — Cisco Unity Express	6.7	-	2019-11-26
CVE-2019-5072	Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route 操作系统命令注入漏洞 — Tenda AC9	7.8	-	2019-11-21
CVE-2019-5071	Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route 操作系统命令注入漏洞 — Tenda AC9	7.8	-	2019-11-21
CVE-2019-5029	Exhibitor 操作系统命令注入漏洞 — Exhibitor	9.8	-	2019-11-13
CVE-2019-5129	YouPHPTube Encoder 操作系统命令注入漏洞 — YouPHPTube	9.8	-	2019-10-25
CVE-2019-5128	YouPHPTube Encoder 操作系统命令注入漏洞 — YouPHPTube	9.8	-	2019-10-25
CVE-2019-5127	YouPHPTube Encoder 操作系统命令注入漏洞 — YouPHPTube"	9.8	-	2019-10-25
CVE-2019-15274	Cisco TelePresence Collaboration Endpoint Software Command Injection Vulnerability — Cisco TelePresence TC Software	6.7	-	2019-10-16
CVE-2019-12812	MyBuilder viewer 输入验证错误漏洞 — MyBuilder	8.8	-	2019-10-07
CVE-2019-12811	MyBuilder 操作系统命令注入漏洞 — MyBuilder	9.8	-	2019-10-07
CVE-2019-12690	Cisco Firepower Management Center Command Injection Vulnerability — Cisco Firepower Management Center	8.8	-	2019-10-02
CVE-2019-12091	Netskope client command injections vulnerability — Netskope client	7.8	-	2019-09-26
CVE-2019-12717	Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability — Cisco NX-OS Software 5.0(3)A1(1)	7.8	-	2019-09-25
CVE-2019-12709	Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability — Cisco IOS XR Software	6.7	-	2019-09-25
CVE-2019-5485	NPM package gitlabhook 操作系统命令注入漏洞 — gitlabhook	9.8	-	2019-09-13
CVE-2019-10891	友讯 D-Link DIR-806 操作系统命令注入漏洞 — n/a	9.8	-	2019-09-06
CVE-2019-5475	Sonatype Nexus Repository Manager 操作系统命令注入漏洞 — Nexus Repository Manager	8.8	-	2019-09-03
CVE-2019-1581	PAN-OS: Remote code execution vulnerability in the PAN-OS SSH device management interface — PAN-OS	9.8	Critical	2019-08-23
CVE-2019-1883	Cisco Integrated Management Controller CLI Command Injection Vulnerability — Cisco Unified Computing System E-Series Software (UCSE)	7.8	-	2019-08-21
CVE-2019-1885	Cisco Integrated Management Controller Command Injection Vulnerability — Cisco Unified Computing System (Management Software)	7.2	-	2019-08-21

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2659 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2659