CVE-2024-22223

Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svccbr utility. An authenticated malicious user with local access could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with t...

CVE-2015-2202

Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows administrative users to escalate privileges to root on the underlying OS...

CVE-2023-23692

Dell EMC prior to version DDOS 7.9 contains an OS command injection Vulnerability. An authenticated non admin attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable...

CVE-2022-22555

Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS, with the privileges of the vulnerable application. Exploitation ma...

Input validation

Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISIPRIVCLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable...

Design/Logic Flaw

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor ROMMON variables are set. An attacker could...

Cisco UCS Manager Software CLI Command Injection (cisco-sa-20200226-fxos-ucs-cmdinj)

According to its self-reported version, Cisco UCS Manager Software is affected by a vulnerability in the CLI due to insufficient input validation. An authenticated, local attacker can exploit this, by including crafted arguments to specific commands, in order to execute arbitrary commands on the...

Cisco NX-OS Command Injection Vulnerability (CNVD-2019-14615)

Cisco NX-OS is the network operating system for the Cisco Nexus family of Ethernet switches and the MDS family of Fibre Channel storage area network switches. A command injection vulnerability exists in the CLI of Cisco NX-OS. The vulnerability stems from insufficient validation of parameters...

CVE-2013-0694

The Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier have hardcoded credentials in a ROM, which makes it easier for remote attackers to obtain shell access to the underlying OS by...