Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-28 | CVE-2017-1407 | Command Injection vulnerability in IBM products IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 8.8 |
| 2017-09-25 | CVE-2015-5704 | Command Injection vulnerability in multiple products scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands. | 7.8 |
| 2017-09-22 | CVE-2017-14081 | Command Injection vulnerability in Trendmicro Mobile Security 9.7 Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | 8.8 |
| 2017-09-12 | CVE-2017-1352 | Command Injection vulnerability in IBM Maximo Asset Management 7.5/7.6 IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. | 5.5 |
| 2017-09-07 | CVE-2017-6794 | Command Injection vulnerability in Cisco Meeting Server A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command injection and escalate their privileges to root. | 6.7 |
| 2017-09-06 | CVE-2015-2210 | Command Injection vulnerability in Epicor CRS Retail Store 3.2.03.01.008 The help window in Epicor CRS Retail Store before 3.2.03.01.008 allows local users to execute arbitrary code by injecting Javascript into the window source to create a button that spawns a command shell. | 7.8 |
| 2017-08-22 | CVE-2015-2857 | Command Injection vulnerability in Accellion File Transfer Appliance 80540/911200 Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauth_token parameter. | 9.8 |
| 2017-08-09 | CVE-2017-12756 | Command Injection vulnerability in Extplorer Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile[0] parameter. | 7.2 |
| 2017-08-03 | CVE-2017-11392 | Command Injection vulnerability in Trendmicro Interscan Messaging Security Virtual Appliance 9.0/9.1 Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. | 8.8 |
| 2017-08-03 | CVE-2017-11391 | Command Injection vulnerability in Trendmicro Interscan Messaging Security Virtual Appliance 9.0/9.1 Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. | 8.8 |