Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-12 | CVE-2017-4054 | Command Injection vulnerability in Mcafee Advanced Threat Defense Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to execute a command of their choice via a crafted HTTP request parameter. | 8.8 |
| 2017-06-19 | CVE-2017-4984 | Command Injection vulnerability in EMC Vnx1 Firmware and Vnx2 Firmware In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, an unauthenticated remote attacker may be able to elevate their permissions to root through a command injection. | 9.8 |
| 2017-06-13 | CVE-2016-6655 | Command Injection vulnerability in Cloudfoundry Cf-Mysql-Release An issue was discovered in Cloud Foundry Foundation Cloud Foundry release versions prior to v245 and cf-mysql-release versions prior to v31. | 9.8 |
| 2017-06-08 | CVE-2017-4918 | Command Injection vulnerability in VMWare Horizon View VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. | 9.8 |
| 2017-05-28 | CVE-2015-9059 | Command Injection vulnerability in Picocom Project Picocom picocom before 2.0 has a command injection vulnerability in the 'send and receive file' command because the command line is executed by /bin/sh unsafely. | 9.8 |
| 2017-05-23 | CVE-2015-4046 | Command Injection vulnerability in Alienvault Open Source Security Information Management The asset discovery scanner in AlienVault OSSIM before 5.0.1 allows remote authenticated users to execute arbitrary commands via the assets array parameter to netscan/do_scan.php. | 7.2 |
| 2017-05-22 | CVE-2017-6650 | Command Injection vulnerability in Cisco Nx-Os A vulnerability in the Telnet CLI command of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. | 7.8 |
| 2017-05-22 | CVE-2017-6649 | Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. | 7.8 |
| 2017-05-19 | CVE-2017-6048 | Command Injection vulnerability in Satel-Iberia products A Command Injection issue was discovered in Satel Iberia SenNet Data Logger and Electricity Meters: SenNet Optimal DataLogger V5.37c-1.43c and prior, SenNet Solar Datalogger V5.03-1.56a and prior, and SenNet Multitask Meter V5.21a-1.18b and prior. | 8.8 |
| 2017-05-12 | CVE-2016-10329 | Command Injection vulnerability in Synology Photo Station Command injection vulnerability in login.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to execute arbitrary code via shell metacharacters in the crafted 'X-Forwarded-For' header. | 9.8 |