Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-30 | CVE-2019-9507 | Command Injection vulnerability in Vertiv Avocent Umg-4000 Firmware 4.2.1.19 The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to command injection because the application incorrectly neutralizes code syntax before executing. | 7.2 |
| 2020-03-26 | CVE-2020-10826 | Command Injection vulnerability in Draytek products /cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve command injection via a remote HTTP request in DEBUG mode. | 9.8 |
| 2020-03-25 | CVE-2020-6811 | Command Injection vulnerability in multiple products The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. | 8.8 |
| 2020-03-18 | CVE-2019-12921 | Command Injection vulnerability in multiple products In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG. | 6.5 |
| 2020-03-10 | CVE-2019-12430 | Command Injection vulnerability in Gitlab 11.11.0 An issue was discovered in GitLab Community and Enterprise Edition 11.11. | 8.8 |
| 2020-02-27 | CVE-2019-5323 | Command Injection vulnerability in Arubanetworks Airwave There are command injection vulnerabilities present in the AirWave application. | 7.2 |
| 2020-02-27 | CVE-2020-3924 | Command Injection vulnerability in Tonnet products DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET do not properly verify patch files. | 9.8 |
| 2020-02-18 | CVE-2020-1790 | Command Injection vulnerability in Huawei Gaussdb 200 6.5.1 GaussDB 200 with version of 6.5.1 have a command injection vulnerability. | 8.8 |
| 2020-02-18 | CVE-2020-1811 | Command Injection vulnerability in Huawei Gaussdb 200 6.5.1 GaussDB 200 with version of 6.5.1 have a command injection vulnerability. | 8.8 |
| 2020-02-13 | CVE-2020-3760 | Command Injection vulnerability in Adobe Digital Editions Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. | 9.8 |