Total
4026 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-1000006 | 2 Atom, Microsoft | 4 Electron, Windows 10, Windows 7 and 1 more | 2024-08-05 | N/A |
| GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user clicks on a specially crafted URL. This has been fixed in versions 1.8.2-beta.4, 1.7.11, and 1.6.16. | ||||
| CVE-2018-1000042 | 1 Securityonion | 1 Squert | 2024-08-05 | N/A |
| Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the data or obj parameters, used in autocat(). This vulnerability appears to have been fixed in 1.7.0. | ||||
| CVE-2018-1000043 | 1 Securityonion | 1 Squert | 2024-08-05 | N/A |
| Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the txdata parameter, used in tx()/transcript(), or the catdata parameter, used in cat(). This vulnerability appears to have been fixed in 1.7.0. | ||||
| CVE-2018-1000019 | 1 Open-emr | 1 Openemr | 2024-08-05 | N/A |
| OpenEMR version 5.0.0 contains a OS Command Injection vulnerability in fax_dispatch.php that can result in OS command injection by an authenticated attacker with any role. This vulnerability appears to have been fixed in 5.0.0 Patch 2 or higher. | ||||
| CVE-2018-25083 | 1 Pull It Project | 1 Pull It | 2024-08-05 | 9.8 Critical |
| The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch name. | ||||
| CVE-2018-21225 | 1 Netgear | 28 D7000, D7000 Firmware, D7800 and 25 more | 2024-08-05 | 6.8 Medium |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, R6700 before 1.0.1.30, R6700v2 before 1.2.0.16, R6800 before 1.2.0.16, R6900 before 1.0.1.30, R6900P before 1.2.0.22, R6900v2 before 1.2.0.16, R7000 before 1.0.9.12, R7000P before 1.2.0.22, R7500v2 before 1.0.3.20, R7800 before 1.0.2.44, R8300 before 1.0.2.106, R8500 before 1.0.2.106, and R9000 before 1.0.2.52. | ||||
| CVE-2018-21164 | 1 Netgear | 4 R6220, R6220 Firmware, Wndr3700 and 1 more | 2024-08-05 | 7.2 High |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6220 before 1.1.0.64 and WNDR3700v5 before 1.1.0.54. | ||||
| CVE-2018-21154 | 1 Netgear | 10 D7800, D7800 Firmware, Dm200 and 7 more | 2024-08-05 | 6.8 Medium |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, and R7800 before 1.0.2.42. | ||||
| CVE-2018-21152 | 1 Netgear | 14 D7800, D7800 Firmware, R7500 and 11 more | 2024-08-05 | 6.8 Medium |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR4300v2 before 1.0.0.54, and WNDR4500v3 before 1.0.0.54. | ||||
| CVE-2018-21162 | 1 Netgear | 32 D6400, D6400 Firmware, Ex6200 and 29 more | 2024-08-05 | 9.8 Critical |
| Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6400 before 1.0.0.78, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.8, R6300v2 before 1.0.4.6, R6400 before 1.0.1.12, R6700 before 1.0.1.16, R7000 before 1.0.7.10, R7100LG before 1.0.0.42, R7300DST before 1.0.0.44, R7900 before 1.0.1.12, R8000 before 1.0.3.36, R8300 before 1.0.2.74, R8500 before 1.0.2.74, WNDR3400v3 before 1.0.1.14, and WNR3500Lv2 before 1.2.0.48. | ||||
| CVE-2018-21157 | 1 Netgear | 18 D7800, D7800 Firmware, R6700 and 15 more | 2024-08-05 | 6.8 Medium |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.28, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.28, R7500v2 before 1.0.3.24, R7800 before 1.0.2.38, R9000 before 1.0.2.52, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. | ||||
| CVE-2018-21103 | 1 Netgear | 2 R7800, R7800 Firmware | 2024-08-05 | 6.8 Medium |
| NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. | ||||
| CVE-2018-21104 | 1 Netgear | 2 R7800, R7800 Firmware | 2024-08-05 | 6.8 Medium |
| NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. | ||||
| CVE-2018-21101 | 1 Netgear | 2 R7800, R7800 Firmware | 2024-08-05 | 8.0 High |
| NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. | ||||
| CVE-2018-21110 | 1 Netgear | 2 R7800, R7800 Firmware | 2024-08-05 | 6.8 Medium |
| NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. | ||||
| CVE-2018-21106 | 1 Netgear | 2 R7800, R7800 Firmware | 2024-08-05 | 6.8 Medium |
| NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. | ||||
| CVE-2018-21105 | 1 Netgear | 2 R7800, R7800 Firmware | 2024-08-05 | 6.8 Medium |
| NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. | ||||
| CVE-2018-21127 | 1 Netgear | 4 Wac505, Wac505 Firmware, Wac510 and 1 more | 2024-08-05 | 8.8 High |
| Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17. | ||||
| CVE-2018-21098 | 1 Netgear | 2 R7800, R7800 Firmware | 2024-08-05 | 6.8 Medium |
| NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. | ||||
| CVE-2018-21130 | 1 Netgear | 4 Wac505, Wac505 Firmware, Wac510 and 1 more | 2024-08-05 | 8.8 High |
| Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17. | ||||