Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-18 | CVE-2020-14437 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 8.8 |
| 2020-06-18 | CVE-2020-14436 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 8.8 |
| 2020-06-18 | CVE-2020-14435 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 8.8 |
| 2020-06-18 | CVE-2020-14434 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 6.8 |
| 2020-06-18 | CVE-2020-14433 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 6.8 |
| 2020-06-10 | CVE-2020-4432 | Command Injection vulnerability in IBM products Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API. | 7.5 |
| 2020-06-03 | CVE-2020-5299 | Command Injection vulnerability in Octobercms October In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, any users with the ability to modify any data that could eventually be exported as a CSV file from the `ImportExportController` could potentially introduce a CSV injection into the data to cause the generated CSV export file to be malicious. | 5.1 |
| 2020-05-28 | CVE-2020-11079 | Command Injection vulnerability in Node-Dns-Sync Project Node-Dns-Sync 0.1.3 node-dns-sync (npm module dns-sync) through 0.2.0 allows execution of arbitrary commands . | 9.8 |
| 2020-04-23 | CVE-2019-17101 | Command Injection vulnerability in Netatmo Smart Indoor Camera Firmware Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in firmware versions prior to x.xx of Netatmo Smart Indoor Camera allows an attacker to execute commands on the device. | 6.7 |
| 2020-04-16 | CVE-2019-20761 | Command Injection vulnerability in Netgear R7800 Firmware NETGEAR R7800 devices before 1.0.2.62 are affected by command injection by an authenticated user. | 8.0 |