Total
4365 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-26670 | 1 Bigtreecms | 1 Bigtree Cms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability has been discovered in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to execute arbitrary commands through a crafted request sent to the server via the 'Create a New Setting' function. | |||||
| CVE-2020-26301 | 2 Microsoft, Ssh2 Project | 2 Windows, Ssh2 | 2024-11-21 | 7.5 HIGH | 7.5 HIGH |
| ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This is fixed in version 1.4.0. | |||||
| CVE-2020-26300 | 1 Systeminformation | 1 Systeminformation | 2024-11-21 | 7.5 HIGH | 5.9 MEDIUM |
| systeminformation is an npm package that provides system and OS information library for node.js. In systeminformation before version 4.26.2 there is a command injection vulnerability. Problem was fixed in version 4.26.2 with a shell string sanitation fix. | |||||
| CVE-2020-26294 | 1 Target | 1 Compiler | 2024-11-21 | 5.0 MEDIUM | 7.4 HIGH |
| Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. In Vela compiler before version 0.6.1 there is a vulnerability which allows exposure of server configuration. It impacts all users of Vela. An attacker can use Sprig's `env` function to retrieve configuration information, see referenced GHSA for an example. This has been fixed in version 0.6.1. In addition to upgrading, it is recommended to rotate all secrets. | |||||
| CVE-2020-26284 | 1 Gohugo | 1 Hugo | 2024-11-21 | 8.5 HIGH | 7.7 HIGH |
| Hugo is a fast and Flexible Static Site Generator built in Go. Hugo depends on Go's `os/exec` for certain features, e.g. for rendering of Pandoc documents if these binaries are found in the system `%PATH%` on Windows. In Hugo before version 0.79.1, if a malicious file with the same name (`exe` or `bat`) is found in the current working directory at the time of running `hugo`, the malicious command will be invoked instead of the system one. Windows users who run `hugo` inside untrusted Hugo sites are affected. Users should upgrade to Hugo v0.79.1. Other than avoiding untrusted Hugo sites, there is no workaround. | |||||
| CVE-2020-26274 | 1 Systeminformation | 1 Systeminformation | 2024-11-21 | 7.5 HIGH | 6.4 MEDIUM |
| In systeminformation (npm package) before version 4.31.1 there is a command injection vulnerability. The problem was fixed in version 4.31.1 with a shell string sanitation fix. | |||||
| CVE-2020-26245 | 1 Systeminformation | 1 Systeminformation | 2024-11-21 | 7.5 HIGH | 8.1 HIGH |
| npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or sanitize service parameter strings that are passed to si.inetChecksite(). | |||||
| CVE-2020-26193 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISI_PRIV_CLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. | |||||
| CVE-2020-26118 | 1 Smartbear | 1 Collaborator | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| In SmartBear Collaborator Server through 13.3.13302, use of the Google Web Toolkit (GWT) API introduces a post-authentication Java deserialization vulnerability. The application's UpdateMemento class accepts a serialized Java object directly from the user without properly sanitizing it. A malicious object can be submitted to the server via an authenticated attacker to execute commands on the underlying system. | |||||
| CVE-2020-26085 | 1 Cisco | 1 Jabber | 2024-11-21 | 9.0 HIGH | 9.9 CRITICAL |
| Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2020-25859 | 1 Qualcomm | 1 Qcmap | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
| The QCMAP_CLI utility in the Qualcomm QCMAP software suite prior to versions released in October 2020 uses a system() call without validating the input, while handling a SetGatewayUrl() request. A local attacker with shell access can pass shell metacharacters and run arbitrary commands. If QCMAP_CLI can be run via sudo or setuid, this also allows elevating privileges to root. This version of QCMAP is used in many kinds of networking devices, primarily mobile hotspots and LTE routers. | |||||
| CVE-2020-25849 | 1 Openfind | 2 Mailaudit, Mailgates | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| MailGates and MailAudit products contain Command Injection flaw, which can be used to inject and execute system commands from the cgi parameter after attackers obtain the user’s access token. | |||||
| CVE-2020-25765 | 1 Westerndigital | 6 My Cloud Ex4100, My Cloud Expert Series Ex2, My Cloud Firmware and 3 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices prior to 5.4.1140. | |||||
| CVE-2020-25755 | 1 Enphase | 2 Envoy, Envoy Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered on Enphase Envoy R3.x and D4.x (and other current) devices. The upgrade_start function in /installer/upgrade_start allows remote authenticated users to execute arbitrary commands via the force parameter. | |||||
| CVE-2020-25618 | 1 Solarwinds | 1 N-central | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered in SolarWinds N-Central 12.3.0.670. The sudo configuration has incorrect access control because the nable web user account is effectively able to run arbitrary OS commands as root (i.e., the use of root privileges is not limited to specific programs listed in the sudoers file). | |||||
| CVE-2020-25560 | 1 Sapphireims | 1 Sapphireims | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server. We also observed the same is true if the JSESSIONID is completely removed. | |||||
| CVE-2020-25206 | 1 Mimosa | 6 B5, B5 Firmware, B5c and 3 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 allows authenticated command injection in the Throughput, WANStats, PhyStats, and QosStats API classes. An attacker with access to a web console account may execute operating system commands on affected devices by sending crafted POST requests to the affected endpoints (/core/api/calls/Throughput.php, /core/api/calls/WANStats.php, /core/api/calls/PhyStats.php, /core/api/calls/QosStats.php). This results in the complete takeover of the vulnerable device. This vulnerability does not occur in the older 1.5.x firmware versions. | |||||
| CVE-2020-25036 | 1 Ucopia | 1 Ucopia Wireless Appliance | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| UCOPIA Wi-Fi appliances 6.0.5 allow authenticated remote attackers to escape the restricted administration shell CLI, and access a shell with admin user rights, via an unprotected less command. | |||||
| CVE-2020-24916 | 1 Yaws | 1 Yaws | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection. | |||||
| CVE-2020-24719 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack. Communication between Erlang nodes is done by exchanging a shared secret (aka "magic cookie"). There are cases where the magic cookie is included in the content of the logs. An attacker can use the cookie to attach to an Erlang node and run OS level commands on the system running the Erlang node. Affects version: 6.5.1. Fix version: 6.6.0. | |||||