Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-04 | CVE-2018-19031 | Command Injection vulnerability in 360 products A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. | 6.5 |
| 2019-10-31 | CVE-2019-3421 | Command Injection vulnerability in ZTW Zx297520V3 Firmware 7520V3V1.0.0B09P27 The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted by a Command Injection vulnerability. | 7.7 |
| 2019-10-30 | CVE-2018-16417 | Command Injection vulnerability in multiple products Aruba Instant 4.x prior to 6.4.4.8-4.2.4.12, 6.5.x prior to 6.5.4.11, 8.3.x prior to 8.3.0.6, and 8.4.x prior to 8.4.0.1 allows Command injection. | 5.0 |
| 2019-10-25 | CVE-2019-8088 | Command Injection vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a command injection vulnerability. | 7.5 |
| 2019-10-10 | CVE-2019-15051 | Command Injection vulnerability in Softing products An issue was discovered in Softing uaGate (SI, MB, 840D) firmware through 1.71.00.1225. | 9.0 |
| 2019-10-09 | CVE-2019-1584 | Command Injection vulnerability in Zingbox Inspector A security vulnerability exists in Zingbox Inspector version 1.293 and earlier, that allows for remote code execution if the Inspector were sent a malicious command from the Zingbox cloud, or if the Zingbox Inspector were tampered with to connect to an attacker's cloud endpoint. | 9.8 |
| 2019-10-02 | CVE-2019-12736 | Command Injection vulnerability in Jetbrains Ktor JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for the LDAP protocol, leading to command injection. | 7.5 |
| 2019-09-27 | CVE-2019-8073 | Command Injection vulnerability in Adobe Coldfusion 2016/2018 ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable component vulnerability. | 10.0 |
| 2019-09-18 | CVE-2019-13552 | Command Injection vulnerability in Advantech Webaccess In WebAccess versions 8.4.1 and prior, multiple command injection vulnerabilities are caused by a lack of proper validation of user-supplied data and may allow arbitrary file deletion and remote code execution. | 6.5 |
| 2019-09-14 | CVE-2019-16305 | Command Injection vulnerability in Mobatek Mobaxterm 11.1/12.1 In MobaXterm 11.1 and 12.1, the protocol handler is vulnerable to command injection. | 6.8 |