Vulnerabilities (CVE)

Filtered by CWE-78
Total 3872 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-19469 1 Zmanda 1 Amanda 2024-11-21 6.8 MEDIUM 8.8 HIGH
In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= allows CSRF, as demonstrated by command injection with shell metacharacters. This may depend on weak default credentials.
CVE-2019-19356 1 Netis-systems 2 Wf2419, Wf2419 Firmware 2024-11-21 8.5 HIGH 7.5 HIGH
Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been found in firmware version V1.2.31805 and V2.2.36123. After one is connected to this page, it is possible to execute system commands as root through the tracert diagnostic tool because of lack of user input sanitizing.
CVE-2019-19220 1 Bmcsoftware 1 Control-m\/agent 2024-11-21 8.5 HIGH 8.8 HIGH
BMC Control-M/Agent 7.0.00.000 allows OS Command Injection (issue 2 of 2).
CVE-2019-19217 1 Bmcsoftware 1 Control-m\/agent 2024-11-21 8.5 HIGH 8.8 HIGH
BMC Control-M/Agent 7.0.00.000 allows OS Command Injection.
CVE-2019-19148 1 Tellabs 2 Optical Line Terminal 1150, Optical Line Terminal 1150 Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
Tellabs Optical Line Terminal (OLT) 1150 devices allow Remote Command Execution via the -l option to TELNET or SSH. Tellabs has addressed this issue in the SR30.1 and SR31.1 release on February 18, 2020.
CVE-2019-19117 1 Phicomm 2 K2\(psg1218\), K2\(psg1218\) Firmware 2024-11-21 9.0 HIGH 8.8 HIGH
/usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter.
CVE-2019-19041 1 Xorur 3 Lpar2rrd, Stor2rrd, Xorur 2024-11-21 9.0 HIGH 7.2 HIGH
An issue was discovered in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as distributed in Xorux 2.41. They do not correctly verify the integrity of an upgrade package before processing it. As a result, official upgrade packages can be modified to inject an arbitrary Bash script that will be executed by the underlying system. It is possible to achieve this by modifying the values in the files.SUM file (which are used for integrity control) and injecting malicious code into the upgrade.sh file.
CVE-2019-19034 1 Zohocorp 1 Manageengine Assetexplorer 2024-11-21 6.5 MEDIUM 7.2 HIGH
Zoho ManageEngine Asset Explorer 6.5 does not validate the System Center Configuration Manager (SCCM) database username when dynamically generating a command to schedule scans for SCCM. This allows an attacker to execute arbitrary commands on the AssetExplorer Server with NT AUTHORITY/SYSTEM privileges.
CVE-2019-18934 3 Fedoraproject, Nlnetlabs, Opensuse 3 Fedora, Unbound, Leap 2024-11-21 6.8 MEDIUM 7.3 HIGH
Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration.
CVE-2019-18910 1 Hp 1 Thinpro 2024-11-21 4.6 MEDIUM 6.8 MEDIUM
The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges.
CVE-2019-18909 2 Hp, Linux 2 Thinpro, Linux Kernel 2024-11-21 7.7 HIGH 8.0 HIGH
The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges.
CVE-2019-18894 1 Avast 1 Premium Security 2024-11-21 9.3 HIGH 7.8 HIGH
In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the processing of a command allows execution of arbitrary OS commands with the privileges of the currently logged in user. This allows for example attackers who compromised a browser extension to escape from the browser sandbox.
CVE-2019-18873 1 Fudforum 1 Fudforum 2024-11-21 8.5 HIGH 9.0 CRITICAL
FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An attacker can use a user account to fully compromise the system via a GET request. When the admin visits user information under "User Manager" in the control panel, the payload will execute. This will allow for PHP files to be written to the web root, and for code to execute on the remote server. The problem is in admsession.php and admuser.php.
CVE-2019-18839 1 Fudforum 1 Fudforum 2024-11-21 8.5 HIGH 9.0 CRITICAL
FUDForum 3.0.9 is vulnerable to Stored XSS via the nlogin parameter. This may result in remote code execution. An attacker can use a user account to fully compromise the system using a POST request. When the admin visits the user information, the payload will execute. This will allow for PHP files to be written to the web root, and for code to execute on the remote server.
CVE-2019-18830 1 Barco 8 Clickshare Cs-100, Clickshare Cs-100 Firmware, Clickshare Cse-200 and 5 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. The embedded 'dongle_bridge' program used to expose the functionalities of the ClickShare Button to a USB host, is vulnerable to OS command injection vulnerabilities. These vulnerabilities could lead to code execution on the ClickShare Button with the privileges of the user 'nobody'.
CVE-2019-18424 4 Debian, Fedoraproject, Opensuse and 1 more 4 Debian Linux, Fedora, Leap and 1 more 2024-11-21 6.9 MEDIUM 6.8 MEDIUM
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after deassignment. When a PCI device is assigned to an untrusted domain, it is possible for that domain to program the device to DMA to an arbitrary address. The IOMMU is used to protect the host from malicious DMA by making sure that the device addresses can only target memory assigned to the guest. However, when the guest domain is torn down, or the device is deassigned, the device is assigned back to dom0, thus allowing any in-flight DMA to potentially target critical host data. An untrusted domain with access to a physical device can DMA into host memory, leading to privilege escalation. Only systems where guests are given direct access to physical devices capable of DMA (PCI pass-through) are vulnerable. Systems which do not use PCI pass-through are not vulnerable.
CVE-2019-18396 1 Technicolor 2 Td5130v2, Td5130v2 Firmware 2024-11-21 9.0 HIGH 7.2 HIGH
An issue was discovered in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices. A Command Injection in the Ping module in the Web Interface in OI_Fw_V20 allows remote attackers to execute arbitrary OS commands in the pingAddr parameter to mnt_ping.cgi. NOTE: This may overlap CVE-2017–14127.
CVE-2019-18370 1 Mi 2 Millet Router 3g, Millet Router 3g Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The backup file is in tar.gz format. After uploading, the application uses the tar zxf command to decompress, so one can control the contents of the files in the decompressed directory. In addition, the application's sh script for testing upload and download speeds reads a URL list from /tmp/speedtest_urls.xml, and there is a command injection vulnerability, as demonstrated by api/xqnetdetect/netspeed.
CVE-2019-18184 1 Crestron 2 Dmc-stro, Dmc-stro Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
Crestron DMC-STRO 1.0 devices allow remote command execution as root via shell metacharacters to the ping function.
CVE-2019-18183 2 Fedoraproject, Pacman Project 2 Fedora, Pacman 2024-11-21 6.8 MEDIUM 9.8 CRITICAL
pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas() function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable the non-default delta feature and retrieve an attacker-controlled crafted database and delta file.