Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2682

2682 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-39057 Changing Information Technology Inc. RAVA certificate validation system - Command Injection — RAVA certificate validation system 7.2 High2022-10-18
CVE-2022-34427 Dell Container Storage Modules 操作系统命令注入漏洞 — Dell Container Storage Modules 8.8 High2022-10-11
CVE-2022-40176 多款Siemens产品操作系统命令注入漏洞 — Desigo PXM30-1 7.3 -2022-10-11
CVE-2022-3275 Puppetlabs-apt Command Injection — puppetlabs-apt 8.4 High2022-10-07
CVE-2022-3276 Puppetlabs-mysql Command Injection — puppetlabs-mysql 8.4 High2022-10-07
CVE-2022-28811 Possible command injection in Car Park Server in Carlo Gavazzi UWP3.0 — UWP 3.0 Monitoring Gateway and Controller 9.8 Critical2022-09-28
CVE-2022-39224 Arbitrary shell execution when extracting or listing files contained in a malicious rpm. — ruby-arr-pm 7.0 High2022-09-21
CVE-2022-3133 OS Command Injection in jgraph/drawio — jgraph/drawio 8.8 -2022-09-09
CVE-2022-34883 OS Command Injection Vulnerability in RAID Manager Storage Replication Adapter — RAID Manager Storage Replication Adapter 7.2 High2022-09-06
CVE-2022-3008 Command Injection on tinygltf — tinygltf 8.1 High2022-09-05
CVE-2022-34374 Dell Container Storage Modules 操作系统命令注入漏洞 — Dell Container Storage Modules 8.8 High2022-08-30
CVE-2022-31232 Dell SmartFabric Storage Software 操作系统命令注入漏洞 — Smart Fabric Storage Software 8.6 High2022-08-30
CVE-2022-37056 D-Link GO-RT-AC750 操作系统命令注入漏洞 — n/a 9.8 -2022-08-28
CVE-2022-20865 Cisco FXOS Software Command Injection Vulnerability — Cisco Firepower Extensible Operating System (FXOS) 6.7 Medium2022-08-25
CVE-2022-38132 Command injection vulnerability in Linksys MR8300 router while Registration to DDNS Service. By specifying username and password, an attacker connected to the router's web interface can execute arbitrary OS commands. — MR8300 Router 8.2 High2022-08-23
CVE-2022-1513 Lenovo Pcmanager 操作系统命令注入漏洞 — PCManager 7.3 High2022-08-23
CVE-2022-32572 WWBN AVideo 操作系统命令注入漏洞 — AVideo 8.8 -2022-08-22
CVE-2022-30534 WWBN AVideo 操作系统命令注入漏洞 — AVideo 8.8 -2022-08-22
CVE-2022-35976 Improper KubeConfig handling allows arbitrary code execution — vscode-gitops-tools 5.2 Medium2022-08-18
CVE-2022-35975 Improper object validation allows for arbitrary code execution in GitOps Tools Extension for VSCode — vscode-gitops-tools 9.0 Critical2022-08-18
CVE-2022-1410 Remote Code Execution in Device42 ApplianceManager console — CMDB 8.0 High2022-08-16
CVE-2022-36309 Airspan AirVelocity 1500 操作系统命令注入漏洞 — AirVelocity 9.8 -2022-08-16
CVE-2022-2314 VR Calendar < 2.3.2 - Unauthenticated Arbitrary Function Call — VR Calendar 9.8 -2022-08-15
CVE-2022-22140 TCL LinkHub Mesh Wi-Fi 操作系统命令注入漏洞 — LinkHub Mesh Wifi 9.8 -2022-08-05
CVE-2022-21178 TCL LinkHub Mesh Wi-Fi 操作系统命令注入漏洞 — LinkHub Mesh Wifi 9.8 -2022-08-05
CVE-2022-25168 Command injection in org.apache.hadoop.fs.FileUtil.unTarUsingTar — Apache Hadoop 9.8 -2022-08-04
CVE-2022-27616 Synology DiskStation Manager 操作系统命令注入漏洞 — DiskStation Manager (DSM) 7.2 High2022-08-03
CVE-2022-22684 Synology DiskStation Manager 操作系统命令注入漏洞 — DiskStation Manager (DSM) 7.2 High2022-07-28
CVE-2022-2550 OS Command Injection in hestiacp/hestiacp — hestiacp/hestiacp 9.8 -2022-07-27
CVE-2022-33923 Dell EMC PowerStore 操作系统命令注入漏洞 — PowerStore 6.4 Medium2022-07-20

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2682 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.