| CVE-2021-21315 |
unknown |
— |
1.5 |
|
|
|
5y ago |
In this vulnerability, an attacker can send a malicious payload that will exploit the name parameter. After successful exploitation, attackers can execute remote. |
| CVE-2026-26318 |
unknown |
— |
— |
|
|
|
4mo ago |
systeminformation is a System and OS information library for node.js. Versions prior to 5.31.0 are vulnerable to command injection via unsanitized `locate` output in `versions()`. Version 5.31.0 fixe… |
| CVE-2026-26280 |
unknown |
— |
— |
|
|
|
4mo ago |
systeminformation is a System and OS information library for node.js. In versions prior to 5.30.8, a command injection vulnerability in the `wifiNetworks()` function allows an attacker to execute arb… |
| CVE-2025-68154 |
unknown |
— |
— |
|
|
|
6mo ago |
systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the `fsSize()` function in systeminformation is vulnerable to OS command injection on Windows syste… |
| CVE-2024-56334 |
unknown |
— |
— |
|
|
|
2y ago |
systeminformation is a System and OS information library for node.js. In affected versions SSIDs are not sanitized when before they are passed as a parameter to cmd.exe in the `getWindowsIEEE8021x` f… |
| CVE-2023-42810 |
unknown |
— |
— |
|
|
|
3y ago |
systeminformation is a System Information Library for Node.JS. Versions 5.0.0 through 5.21.6 have a SSID Command Injection Vulnerability. The problem was fixed with a parameter check in version 5.21.… |
| CVE-2020-7778 |
unknown |
— |
— |
|
|
|
4y ago |
This affects the package systeminformation before 4.30.2. The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands. |
| CVE-2021-21388 |
unknown |
— |
— |
|
|
|
5y ago |
systeminformation is an open source system and OS information library for node.js. A command injection vulnerability has been discovered in versions of systeminformation prior to 5.6.4. The issue has… |
| CVE-2020-26274 |
unknown |
— |
— |
|
|
|
6y ago |
In systeminformation (npm package) before version 4.31.1 there is a command injection vulnerability. The problem was fixed in version 4.31.1 with a shell string sanitation fix. |
| CVE-2020-26245 |
unknown |
— |
— |
|
|
|
6y ago |
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper poll… |
| CVE-2020-26300 |
unknown |
— |
— |
|
|
|
6y ago |
systeminformation is an npm package that provides system and OS information library for node.js. In systeminformation before version 4.26.2 there is a command injection vulnerability. Problem was fix… |
| CVE-2020-7752 |
unknown |
— |
— |
|
|
|
6y ago |
This affects the package systeminformation before 4.27.11. This package is vulnerable to Command Injection. The attacker can concatenate curl's parameters to overwrite Javascript files and then execu… |
