Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-13 | CVE-2017-5675 | Command Injection vulnerability in Embedthis Goahead A command-injection vulnerability exists in a web application on a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white-label IP camera models. | 8.8 |
| 2017-03-03 | CVE-2016-10194 | Command Injection vulnerability in Festivaltts4R Project Festivaltts4R The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the (1) to_speech or (2) to_mp3 method in lib/festivaltts4r/festival4r.rb. | 9.8 |
| 2017-02-22 | CVE-2014-4677 | Command Injection vulnerability in Gpgtools Libmacgpg 0.6 The installPackage function in the installerHelper subcomponent in Libmacgpg in GPG Suite before 2015.06 allows local users to execute arbitrary commands with root privileges via shell metacharacters in the xmlPath argument. | 7.8 |
| 2017-02-22 | CVE-2016-9684 | Command Injection vulnerability in Dell Sonicwall Secure Remote Access Server 8.1.0.214Sv The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. | 9.8 |
| 2017-02-22 | CVE-2016-9683 | Command Injection vulnerability in Dell Sonicwall Secure Remote Access Server 8.1.0.214Sv The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. | 9.8 |
| 2017-02-22 | CVE-2016-9682 | Command Injection vulnerability in Dell Sonicwall Secure Remote Access Server 8.1.0.214Sv The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. | 9.8 |
| 2017-02-13 | CVE-2016-9337 | Command Injection vulnerability in Tesla Gateway ECU An issue was discovered in Tesla Motors Model S automobile, all firmware versions before version 7.1 (2.36.31) with web browser functionality enabled. | 6.8 |
| 2017-02-09 | CVE-2015-6024 | Command Injection vulnerability in Netcommwireless Hspa 3G10Wve Firmware 3G10Wvel101S306Etsc01R03 ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the DIA_IPADDRESS parameter. | 9.8 |
| 2017-02-05 | CVE-2016-10098 | Command Injection vulnerability in Sendquick products An issue was discovered on SendQuick Entera and Avera devices before 2HF16. | 9.8 |
| 2017-02-03 | CVE-2016-9873 | Command Injection vulnerability in EMC Documentum D2 4.5/4.6 EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 6.3 |