Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')

DATE | CVE | VULNERABILITY TITLE | RISK

2018-04-12 | CVE-2014-8888 | Command Injection vulnerability in Dlink Dir-815 Firmware 2.03.B02 | critical 9.8
The remote administration interface in D-Link DIR-815 devices with firmware before 2.03.B02 allows remote attackers to execute arbitrary commands via vectors related to an "HTTP command injection issue."
network, low complexity, dlink, CWE-77

2018-04-12 | CVE-2014-6120 | Command Injection vulnerability in IBM Rational Appscan Source and Security Appscan Source | critical 9.8
IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow remote attackers to execute arbitrary commands on the installation server via unspecified vectors.
network, low complexity, ibm, CWE-77

2018-04-12 | CVE-2014-6633 | Command Injection vulnerability in Tryton | 8.8
The safe_eval function in trytond in Tryton before 2.4.15, 2.6.x before 2.6.14, 2.8.x before 2.8.11, 3.0.x before 3.0.7, and 3.2.x before 3.2.3 allows remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the collection.domain in the webdav module or (2) the formula field in the price_list module.
network, low complexity, tryton, CWE-77

2018-04-10 | CVE-2014-3114 | Command Injection vulnerability in Ezpz-One-Click-Backup Project Ezpz-One-Click-Backup | critical 9.8
The EZPZ One Click Backup (ezpz-one-click-backup) plugin 12.03.10 and earlier for WordPress allows remote attackers to execute arbitrary commands via the cmd parameter to functions/ezpz-archive-cmd.php.
network, low complexity, ezpz-one-click-backup-project, CWE-77

2018-04-03 | CVE-2017-7161 | Command Injection vulnerability in multiple products | 8.8
An issue was discovered in certain Apple products.
network, low complexity, apple canonical, CWE-77

2018-02-19 | CVE-2018-5439 | Command Injection vulnerability in Nortekcontrol Emerge E3 Firmware 0.3207E | critical 9.8
A Command Injection issue was discovered in Nortek Linear eMerge E3 series Versions V0.32-07e and prior.
network, low complexity, nortekcontrol, CWE-77

2018-02-15 | CVE-2016-8523 | Command Injection vulnerability in HP Smart Storage Administrator | 8.8
A Remote Arbitrary Code Execution vulnerability in HPE Smart Storage Administrator version before v2.60.18.0 was found.
network, low complexity, hp, CWE-77

2018-02-13 | CVE-2017-1720 | Command Injection vulnerability in IBM Client Application Access and Notes | 5.3
IBM Notes 8.5 and 9.0 could allow a local attacker to execute arbitrary commands by carefully crafting a command line sent via the shared memory IPC.
local, low complexity, ibm, CWE-77

2018-02-12 | CVE-2016-5397 | Command Injection vulnerability in Apache Thrift | 8.8
The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool.
network, low complexity, apache, CWE-77

2018-02-02 | CVE-2014-1834 | Command Injection vulnerability in Echor Project Echor 0.1.6 | 7.8
The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password.
local, low complexity, echor-project, CWE-77