Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-31 | CVE-2014-5009 | Command Injection vulnerability in multiple products Snoopy allows remote attackers to execute arbitrary commands. | 9.8 |
2017-03-31 | CVE-2014-5008 | Command Injection vulnerability in multiple products Snoopy allows remote attackers to execute arbitrary commands. | 9.8 |
2017-03-31 | CVE-2008-7313 | Command Injection vulnerability in multiple products The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. | 9.8 |
2017-03-30 | CVE-2017-6184 | Command Injection vulnerability in Sophos web Appliance In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303. | 4.7 |
2017-03-30 | CVE-2017-6183 | Command Injection vulnerability in Sophos web Appliance In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314. | 7.2 |
2017-03-20 | CVE-2016-4929 | Command Injection vulnerability in Juniper Junos Space Command injection vulnerability in Junos Space before 15.2R2 allows attackers to execute arbitrary code as a root user. | 8.8 |
2017-03-14 | CVE-2015-8988 | Command Injection vulnerability in Mcafee EPO Deep Command 2.1/2.2 Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path. | 8.8 |
2017-03-13 | CVE-2017-5675 | Command Injection vulnerability in Embedthis Goahead A command-injection vulnerability exists in a web application on a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white-label IP camera models. | 8.8 |
2017-03-03 | CVE-2016-10194 | Command Injection vulnerability in Festivaltts4R Project Festivaltts4R The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the (1) to_speech or (2) to_mp3 method in lib/festivaltts4r/festival4r.rb. | 9.8 |
2017-02-22 | CVE-2014-4677 | Command Injection vulnerability in Gpgtools Libmacgpg 0.6 The installPackage function in the installerHelper subcomponent in Libmacgpg in GPG Suite before 2015.06 allows local users to execute arbitrary commands with root privileges via shell metacharacters in the xmlPath argument. | 7.8 |