CVE-2019-3595

LOW Year: 2019
CVSS v3 Score
2.0
Low
CVSS v2 Score
4.4
Medium
Weakness Type
CWE-78
View all →

Vulnerability Description

Improper Neutralization of Special Elements used in a Command ('Command Injection') in ePO extension in McAfee Data Loss Prevention (DLP) 11.x prior to 11.3.0 allows Authenticated Adminstrator to execute arbitrary code with their local machine privileges via a specially crafted DLP policy, which is exported and opened on the their machine. In our checks, the user must explicitly allow the code to execute.

Related Vulnerabilities

CVE-2024-47821

LOW
CVSS:2.3(Low)

pyLoad is a free and open-source Download Manager. The folder `/.pyload/scripts` has scripts which are run when certain actions are completed, for e.g. a download is finished. By downloading a executa...

CWE-782024

CVE-2025-27398

LOW
CVSS:2.7(Low)

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly neutralize special characters when interpreting user controlled log...

CWE-782025

CVE-2021-32556

LOW
CVSS:3.3(Low)

It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call.

CWE-782021

CVE-2022-0841

LOW
CVSS:3.8(Low)

OS Command Injection in GitHub repository ljharb/npm-lockfile in v2.0.3 and v2.0.4.

CWE-782022

CVE-2024-12970

LOW
CVSS:3.9(Low)

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TUBITAK BILGEM Pardus OS My Computer allows OS Command Injection.This issue affects Pardus O...

CWE-782024

CVE-2015-7426

CRITICAL
CVSS:10.0(Critical)

The Data Protection extension in the VMware GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 7.1 before 7.1.3.0 an...

CWE-782015