Vulnerabilities > Improper Neutralization of Special Elements in Data Query Logic

DATE CVE VULNERABILITY TITLE RISK
2024-11-15 CVE-2021-1481 A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management interface.
network
low complexity
CWE-943
4.3
2019-05-22 CVE-2018-7829 Improper Neutralization of Special Elements in Data Query Logic vulnerability in Schneider-Electric products
An Improper Neutralization of Special Elements in Query vulnerability exists in the 1st Gen.
network
low complexity
schneider-electric CWE-943
8.8
2017-08-23 CVE-2017-12904 Improper Neutralization of Special Elements in Data Query Logic vulnerability in multiple products
Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL.
network
low complexity
newsbeuter debian CWE-943
8.8