Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

DATE CVE VULNERABILITY TITLE RISK
2021-02-19 CVE-2020-12873 An issue was discovered in Alfresco Enterprise Content Management (ECM) before 6.2.1.
network
low complexity
CWE-74
critical
9.0
2021-02-16 CVE-2021-21316 less-openui5 is an npm package which enables building OpenUI5 themes with Less.js. 0.0
2021-02-16 CVE-2020-35564 Injection vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2.
network
low complexity
mbconnectline CWE-74
5.0
2021-02-15 CVE-2020-35775 Injection vulnerability in Citsmart 9.1.2.23
CITSmart before 9.1.2.23 allows LDAP Injection.
network
low complexity
citsmart CWE-74
7.5
2021-02-12 CVE-2021-20644 Injection vulnerability in Elecom Wrc-1467Ghbk-A Firmware
ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the user's web browser by displaying a specially crafted SSID on the web setup page.
network
elecom CWE-74
4.3
2021-02-11 CVE-2021-23335 Injection vulnerability in Is-User-Valid Project Is-User-Valid
All versions of package is-user-valid are vulnerable to LDAP Injection which can lead to either authentication bypass or information exposure.
network
low complexity
is-user-valid-project CWE-74
5.0
2021-02-10 CVE-2021-27185 Injection vulnerability in Samba-Client Project Samba-Client
The samba-client package before 4.0.0 for Node.js allows command injection because of the use of process.exec.
network
low complexity
samba-client-project CWE-74
7.5
2021-02-09 CVE-2021-21479 Injection vulnerability in SAP Scimono
In SCIMono before 0.0.19, it is possible for an attacker to inject and execute java expression compromising the availability and integrity of the system.
network
low complexity
sap CWE-74
6.4
2021-02-08 CVE-2021-21305 Injection vulnerability in Carrierwave Project Carrierwave
CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications.
network
low complexity
carrierwave-project CWE-74
7.5
2021-02-08 CVE-2020-7786 Injection vulnerability in Macfromip Project Macfromip
This affects all versions of package macfromip.
network
low complexity
macfromip-project CWE-74
7.5