Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-02 | CVE-2019-13152 | Command Injection vulnerability in Trendnet Tew-827Dru Firmware 1.04B01/2.04/2.04B03 An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. | 8.8 |
| 2019-07-02 | CVE-2019-13150 | Command Injection vulnerability in Trendnet Tew-827Dru Firmware 1.04B01/2.04/2.04B03 An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. | 8.8 |
| 2019-07-02 | CVE-2019-13148 | Command Injection vulnerability in Trendnet Tew-827Dru Firmware 1.04B01/2.04/2.04B03 An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. | 8.8 |
| 2019-07-01 | CVE-2019-13024 | Command Injection vulnerability in Centreon 19.04.0 Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web before 2.8.29 allows the attacker to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command into the database, and execute it by calling the vulnerable page www/include/configuration/configGenerate/xml/generateFiles.php (which passes the inserted value to the database to shell_exec without sanitizing it, allowing one to execute system arbitrary commands). | 8.8 |
| 2019-06-20 | CVE-2019-1624 | Command Injection vulnerability in Cisco Sd-Wan A vulnerability in the vManage web-based UI (Web UI) in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. | 8.8 |
| 2019-06-18 | CVE-2017-8333 | Command Injection vulnerability in Securifi products An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. | 8.8 |
| 2019-06-18 | CVE-2017-8331 | Command Injection vulnerability in Securifi products An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. | 8.8 |
| 2019-06-17 | CVE-2018-19450 | Command Injection vulnerability in Foxitsoftware Foxit PDF SDK Activex A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) 5.4.0.1031 when parsing a launch action. | 7.8 |
| 2019-06-17 | CVE-2018-19445 | Command Injection vulnerability in Foxitsoftware Foxit PDF SDK Activex 5.4.0.1031/5.5.0 A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API app.launchURL is used. | 7.8 |
| 2019-06-17 | CVE-2017-9384 | Command Injection vulnerability in Getvera Veraedge Firmware and Veralite Firmware An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. | 8.8 |