Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2016-02-17 CVE-2016-2397 Command Injection vulnerability in Sonicwall products
The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data.
network
low complexity
sonicwall CWE-77
critical
9.8
2016-02-17 CVE-2016-2396 Command Injection vulnerability in Sonicwall products
The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input.
network
low complexity
sonicwall CWE-77
critical
9.9
2016-02-05 CVE-2016-0861 Command Injection vulnerability in GE UPS Snmp web Adapter Firmware
General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors.
network
low complexity
ge CWE-77
8.8
2016-01-08 CVE-2015-7541 Command Injection vulnerability in Colorscore Project Colorscore
The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the (1) image_path, (2) colors, or (3) depth variable.
network
low complexity
colorscore-project CWE-77
critical
10.0
2016-01-03 CVE-2015-5003 Command Injection vulnerability in IBM Tivoli Monitoring 6.2.2/6.2.3/6.3.0
The portal in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 before FP7 allows remote authenticated users to execute arbitrary commands by leveraging Take Action view authority and providing crafted input.
network
high complexity
ibm CWE-77
8.5
2015-02-23 CVE-2015-2051 Command Injection vulnerability in Dlink Dir-645 Firmware
The D-Link DIR-645 Wired/Wireless Router Rev.
network
low complexity
dlink CWE-77
critical
9.8