Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-05 | CVE-2019-18780 | Command Injection vulnerability in Veritas products An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator. | 9.8 |
| 2019-11-04 | CVE-2018-19031 | Command Injection vulnerability in 360 products A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. | 8.8 |
| 2019-10-31 | CVE-2019-3421 | Command Injection vulnerability in ZTW Zx297520V3 Firmware 7520V3V1.0.0B09P27 The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted by a Command Injection vulnerability. | 8.0 |
| 2019-10-30 | CVE-2018-16417 | Command Injection vulnerability in multiple products Aruba Instant 4.x prior to 6.4.4.8-4.2.4.12, 6.5.x prior to 6.5.4.11, 8.3.x prior to 8.3.0.6, and 8.4.x prior to 8.4.0.1 allows Command injection. | 7.5 |
| 2019-10-28 | CVE-2019-18188 | Command Injection vulnerability in Trendmicro Apex ONE 2019 Trend Micro Apex One could be exploited by an attacker utilizing a command injection vulnerability to extract files from an arbitrary zip file to a specific folder on the Apex One server, which could potentially lead to remote code execution (RCE). | 7.5 |
| 2019-10-25 | CVE-2019-8088 | Command Injection vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a command injection vulnerability. | 9.8 |
| 2019-10-10 | CVE-2019-15051 | Command Injection vulnerability in Softing products An issue was discovered in Softing uaGate (SI, MB, 840D) firmware through 1.71.00.1225. | 8.8 |
| 2019-10-09 | CVE-2019-1584 | Command Injection vulnerability in Zingbox Inspector A security vulnerability exists in Zingbox Inspector version 1.293 and earlier, that allows for remote code execution if the Inspector were sent a malicious command from the Zingbox cloud, or if the Zingbox Inspector were tampered with to connect to an attacker's cloud endpoint. | 9.8 |
| 2019-10-02 | CVE-2019-12736 | Command Injection vulnerability in Jetbrains Ktor JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for the LDAP protocol, leading to command injection. | 9.8 |
| 2019-09-27 | CVE-2019-8073 | Command Injection vulnerability in Adobe Coldfusion 2016/2018 ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable component vulnerability. | 9.8 |