Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-25 | CVE-2020-6811 | Command Injection vulnerability in multiple products The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. | 8.8 |
| 2020-03-18 | CVE-2019-12921 | Command Injection vulnerability in multiple products In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG. | 6.5 |
| 2020-03-10 | CVE-2019-12430 | Command Injection vulnerability in Gitlab 11.11.0 An issue was discovered in GitLab Community and Enterprise Edition 11.11. | 8.8 |
| 2020-02-27 | CVE-2019-5323 | Command Injection vulnerability in Arubanetworks Airwave There are command injection vulnerabilities present in the AirWave application. | 7.2 |
| 2020-02-27 | CVE-2020-3924 | Command Injection vulnerability in Tonnet products DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET do not properly verify patch files. | 9.8 |
| 2020-02-18 | CVE-2020-1790 | Command Injection vulnerability in Huawei Gaussdb 200 6.5.1 GaussDB 200 with version of 6.5.1 have a command injection vulnerability. | 8.8 |
| 2020-02-18 | CVE-2020-1811 | Command Injection vulnerability in Huawei Gaussdb 200 6.5.1 GaussDB 200 with version of 6.5.1 have a command injection vulnerability. | 8.8 |
| 2020-02-13 | CVE-2020-3760 | Command Injection vulnerability in Adobe Digital Editions Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. | 9.8 |
| 2020-01-28 | CVE-2019-4635 | Command Injection vulnerability in IBM Security Secret Server 10.6/10.7 IBM Security Secret Server 10.7 could allow a privileged user to perform unauthorized command injection due to imporoper input neutralization of special elements. | 2.7 |
| 2020-01-17 | CVE-2019-17361 | Command Injection vulnerability in multiple products In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. | 9.8 |