CVE-2019-4294

HIGH Year: 2019
CVSS v3 Score
8.4
High
CVSS v2 Score
7.2
High
Weakness Type
CWE-78
View all →

Vulnerability Description

IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.6, 7.6.0.0 through 7.6.0.15 and IBM MQ Appliance 8.0.0.0 through 8.0.0.12, 9.1.0.0 through 9.1.0.2, and 9.1.1 through 9.1.2 could allow a local attacker to execute arbitrary commands on the system, caused by a command injection vulnerability. IBM X-Force ID: 16188.

Related Vulnerabilities

CVE-2017-6970

HIGH
CVSS:8.4(High)

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863.

CWE-782017

CVE-2019-13139

HIGH
CVSS:8.4(High)

In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "doc...

CWE-782019

CVE-2024-1628

HIGH
CVSS:8.4(High)

OS command injection vulnerabilities in GE HealthCare ultrasound devices

CWE-782024

CVE-2024-3126

HIGH
CVSS:8.4(High)

A command injection vulnerability exists in the 'run_xtts_api_server' function of the parisneo/lollms-webui application, specifically within the 'lollms_xtts.py' script. The vulnerability arises due t...

CWE-782024

CVE-2024-39401

HIGH
CVSS:8.4(High)

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability t...

CWE-782024

CVE-2024-39402

HIGH
CVSS:8.4(High)

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability t...

CWE-782024