Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-27 | CVE-2020-3924 | Command Injection vulnerability in Tonnet products DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET do not properly verify patch files. | 9.8 |
| 2020-02-18 | CVE-2020-1790 | Command Injection vulnerability in Huawei Gaussdb 200 6.5.1 GaussDB 200 with version of 6.5.1 have a command injection vulnerability. | 8.8 |
| 2020-02-18 | CVE-2020-1811 | Command Injection vulnerability in Huawei Gaussdb 200 6.5.1 GaussDB 200 with version of 6.5.1 have a command injection vulnerability. | 8.8 |
| 2020-02-13 | CVE-2020-3760 | Command Injection vulnerability in Adobe Digital Editions Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. | 9.8 |
| 2020-01-28 | CVE-2019-4635 | Command Injection vulnerability in IBM Security Secret Server 10.6/10.7 IBM Security Secret Server 10.7 could allow a privileged user to perform unauthorized command injection due to imporoper input neutralization of special elements. | 2.7 |
| 2020-01-17 | CVE-2019-17361 | Command Injection vulnerability in multiple products In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. | 9.8 |
| 2020-01-15 | CVE-2019-15010 | Command Injection vulnerability in Atlassian Bitbucket Bitbucket Server and Bitbucket Data Center versions starting from version 3.0.0 before version 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before 6.5.3, from version 6.6.0 before 6.6.3, from version 6.7.0 before 6.7.3, from version 6.8.0 before 6.8.2, and from version 6.9.0 before 6.9.1 had a Remote Code Execution vulnerability via certain user input fields. | 8.8 |
| 2020-01-10 | CVE-2014-4982 | Command Injection vulnerability in Xorux Lpar2Rrd LPAR2RRD = 4.53 and = 3.5 has arbitrary command injection on the application server. | 9.8 |
| 2019-12-19 | CVE-2019-8255 | Command Injection vulnerability in Adobe Brackets 1.14/1.6 Brackets versions 1.14 and earlier have a command injection vulnerability. | 9.8 |
| 2019-12-18 | CVE-2019-15575 | Command Injection vulnerability in Gitlab A command injection exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to inject commands via the API through the blobs scope. | 7.5 |