Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-18 | CVE-2019-13552 | Command Injection vulnerability in Advantech Webaccess In WebAccess versions 8.4.1 and prior, multiple command injection vulnerabilities are caused by a lack of proper validation of user-supplied data and may allow arbitrary file deletion and remote code execution. | 8.8 |
| 2019-09-14 | CVE-2019-16305 | Command Injection vulnerability in Mobatek Mobaxterm 11.1/12.1 In MobaXterm 11.1 and 12.1, the protocol handler is vulnerable to command injection. | 8.8 |
| 2019-09-05 | CVE-2019-9254 | Command Injection vulnerability in Google Android 10.0 In readArgumentList of zygote.java in Android 10, there is a possible command injection due to improper input validation. | 7.8 |
| 2019-08-26 | CVE-2019-7989 | Command Injection vulnerability in Adobe Photoshop CC Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a command injection vulnerability. | 8.8 |
| 2019-08-26 | CVE-2019-7968 | Command Injection vulnerability in Adobe Photoshop CC Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a command injection vulnerability. | 9.8 |
| 2019-08-20 | CVE-2019-8060 | Command Injection vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a command injection vulnerability. | 9.8 |
| 2019-08-14 | CVE-2019-12104 | Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16/151021/160330 The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by several post-authentication command injection vulnerabilities. | 8.8 |
| 2019-08-09 | CVE-2019-12805 | Command Injection vulnerability in Ncsoft NC Launcher2 2.4.1.691 NCSOFT Game Launcher, NC Launcher2 2.4.1.691 and earlier versions have a vulnerability in the custom protocol handler that could allow remote attacker to execute arbitrary command. | 8.8 |
| 2019-08-07 | CVE-2019-14745 | Command Injection vulnerability in multiple products In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. | 7.8 |
| 2019-08-02 | CVE-2017-18442 | Command Injection vulnerability in Cpanel cPanel before 64.0.21 allows demo accounts to execute Cpanel::SPFUI API commands (SEC-246). | 5.3 |