Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-15 | CVE-2019-15010 | Command Injection vulnerability in Atlassian Bitbucket Bitbucket Server and Bitbucket Data Center versions starting from version 3.0.0 before version 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before 6.5.3, from version 6.6.0 before 6.6.3, from version 6.7.0 before 6.7.3, from version 6.8.0 before 6.8.2, and from version 6.9.0 before 6.9.1 had a Remote Code Execution vulnerability via certain user input fields. | 8.8 |
| 2020-01-10 | CVE-2014-4982 | Command Injection vulnerability in Xorux Lpar2Rrd LPAR2RRD = 4.53 and = 3.5 has arbitrary command injection on the application server. | 9.8 |
| 2019-12-19 | CVE-2019-8255 | Command Injection vulnerability in Adobe Brackets 1.14/1.6 Brackets versions 1.14 and earlier have a command injection vulnerability. | 9.8 |
| 2019-12-18 | CVE-2019-15575 | Command Injection vulnerability in Gitlab A command injection exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to inject commands via the API through the blobs scope. | 7.5 |
| 2019-12-04 | CVE-2018-0730 | Command Injection vulnerability in Qnap QTS This command injection vulnerability in File Station allows attackers to execute commands on the affected device. | 9.8 |
| 2019-12-04 | CVE-2018-0729 | Command Injection vulnerability in Qnap Music Station This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. | 9.8 |
| 2019-11-14 | CVE-2019-18647 | Command Injection vulnerability in Untangle NG Firewall 14.2.0 The Untangle NG firewall 14.2.0 is vulnerable to an authenticated command injection when logged in as an admin user. | 7.2 |
| 2019-11-13 | CVE-2019-9467 | Command Injection vulnerability in Google Android In the Bootloader, there is a possible kernel command injection due to missing command sanitization. | 6.7 |
| 2019-11-05 | CVE-2019-18780 | Command Injection vulnerability in Veritas products An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator. | 9.8 |
| 2019-11-04 | CVE-2018-19031 | Command Injection vulnerability in 360 products A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. | 8.8 |