CVE-2023-2091

HIGH Year: 2023
CVSS v3 Score
7.8
High
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-78
View all →

Vulnerability Description

A vulnerability classified as critical was found in KylinSoft youker-assistant on KylinOS. Affected by this vulnerability is the function adjust_cpufreq_scaling_governer. The manipulation leads to os command injection. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.4.13 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-226099.

Related Vulnerabilities

CVE-2013-0517

HIGH
CVSS:7.8(High)

A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified OS command, which could let a local malicious user execute ar...

CWE-782013

CVE-2015-6396

HIGH
CVSS:7.8(High)

The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arbitrary shell commands as an administrator via crafted parameters, aka Bug IDs CSCuv90134, CSCux58161...

CWE-782015

CVE-2016-10320

HIGH
CVSS:7.8(High)

textract before 1.5.0 allows OS Command Injection attacks via a filename in a call to the process function. This may be a remote attack if a web application accepts names of arbitrary uploaded files.

CWE-782016

CVE-2016-1339

HIGH
CVSS:7.8(High)

Cisco Unified Computing System (UCS) Platform Emulator 2.5(2)TS4, 3.0(2c)A, and 3.0(2c)TS9 allows local users to gain privileges via crafted arguments on a ucspe-copy command line, aka Bug ID CSCux688...

CWE-782016

CVE-2016-4853

HIGH
CVSS:7.8(High)

AKABEi SOFT2 games allow remote attackers to execute arbitrary OS commands via crafted saved data, as demonstrated by Happy Wardrobe.

CWE-782016

CVE-2016-6065

HIGH
CVSS:7.8(High)

IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root.

CWE-782016