Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-01 | CVE-2020-15228 | Command Injection vulnerability in Toolkit Project Toolkit In the `@actions/core` npm module before version 1.2.6,`addPath` and `exportVariable` functions communicate with the Actions Runner over stdout by generating a string in a specific format. | 5.0 |
| 2020-09-17 | CVE-2020-0130 | Command Injection vulnerability in Google Android 11.0 In screencap, there is a possible command injection due to improper input validation. | 7.8 |
| 2020-09-17 | CVE-2020-11698 | Command Injection vulnerability in Titanhq Spamtitan 7.07 An issue was discovered in Titan SpamTitan 7.07. | 9.8 |
| 2020-09-15 | CVE-2020-24561 | Command Injection vulnerability in Trendmicro Serverprotect 3.0 A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. | 9.1 |
| 2020-09-11 | CVE-2020-14100 | Command Injection vulnerability in MI R3600 Firmware In Xiaomi router R3600 ROM version<1.0.66, filters in the set_WAN6 interface can be bypassed, causing remote code execution. | 9.8 |
| 2020-09-08 | CVE-2020-11117 | Command Injection vulnerability in Qualcomm products u'In the lbd service, an external user can issue a specially crafted debug command to overwrite arbitrary files with arbitrary content resulting in remote code execution.' in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064, IPQ8074, QCA4531, QCA9531, QCA9980 | 9.8 |
| 2020-09-03 | CVE-2020-9199 | Command Injection vulnerability in Huawei products B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerability. | 6.8 |
| 2020-09-02 | CVE-2020-25079 | Command Injection vulnerability in Dlink Dcs-2530L Firmware and Dcs-2670L Firmware An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. | 8.8 |
| 2020-09-01 | CVE-2020-25067 | Command Injection vulnerability in Netgear R8300 Firmware NETGEAR R8300 devices before 1.0.2.134 are affected by command injection by an unauthenticated attacker. | 8.8 |
| 2020-08-21 | CVE-2019-11853 | Command Injection vulnerability in Sierrawireless Aleos Several potential command injections vulnerabilities exist in the AT command interface of ALEOS before 4.11.0, and 4.9.4. | 7.2 |