Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-28 | CVE-2019-4635 | Command Injection vulnerability in IBM Security Secret Server 10.6/10.7 IBM Security Secret Server 10.7 could allow a privileged user to perform unauthorized command injection due to imporoper input neutralization of special elements. | 2.7 |
| 2020-01-17 | CVE-2019-17361 | Command Injection vulnerability in multiple products In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. | 9.8 |
| 2020-01-15 | CVE-2019-15010 | Command Injection vulnerability in Atlassian Bitbucket Bitbucket Server and Bitbucket Data Center versions starting from version 3.0.0 before version 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before 6.5.3, from version 6.6.0 before 6.6.3, from version 6.7.0 before 6.7.3, from version 6.8.0 before 6.8.2, and from version 6.9.0 before 6.9.1 had a Remote Code Execution vulnerability via certain user input fields. | 8.8 |
| 2020-01-10 | CVE-2014-4982 | Command Injection vulnerability in Xorux Lpar2Rrd LPAR2RRD = 4.53 and = 3.5 has arbitrary command injection on the application server. | 9.8 |
| 2019-12-19 | CVE-2019-8255 | Command Injection vulnerability in Adobe Brackets 1.14/1.6 Brackets versions 1.14 and earlier have a command injection vulnerability. | 9.8 |
| 2019-12-18 | CVE-2019-15575 | Command Injection vulnerability in Gitlab A command injection exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to inject commands via the API through the blobs scope. | 7.5 |
| 2019-12-04 | CVE-2018-0730 | Command Injection vulnerability in Qnap QTS This command injection vulnerability in File Station allows attackers to execute commands on the affected device. | 9.8 |
| 2019-12-04 | CVE-2018-0729 | Command Injection vulnerability in Qnap Music Station This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. | 9.8 |
| 2019-11-14 | CVE-2019-18647 | Command Injection vulnerability in Untangle NG Firewall 14.2.0 The Untangle NG firewall 14.2.0 is vulnerable to an authenticated command injection when logged in as an admin user. | 7.2 |
| 2019-11-13 | CVE-2019-9467 | Command Injection vulnerability in Google Android In the Bootloader, there is a possible kernel command injection due to missing command sanitization. | 6.7 |