Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

DATE CVE VULNERABILITY TITLE RISK
2021-06-04 CVE-2021-30506 Injection vulnerability in Google Chrome
Incorrect security UI in Web App Installs in Google Chrome on Android prior to 90.0.4430.212 allowed an attacker who convinced a user to install a web application to inject scripts or HTML into a privileged page via a crafted HTML page.
network
google CWE-74
6.8
2021-06-01 CVE-2021-32647 Injection vulnerability in NSA Emissary 6.4.0
Emissary is a P2P based data-driven workflow engine.
network
low complexity
nsa CWE-74
6.5
2021-05-21 CVE-2020-27211 Injection vulnerability in Nordicsemi Nrf52840 Firmware
Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against physical side channels.
3.3
2021-05-21 CVE-2020-27212 Injection vulnerability in ST Stm32Cubel4 Firmware
STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control.
local
st CWE-74
4.4
2021-05-21 CVE-2021-29414 Injection vulnerability in ST Stm32Cubel4 Firmware
STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control.
local
low complexity
st CWE-74
3.6
2021-05-12 CVE-2021-30214 Injection vulnerability in ENG Knowage 7.3.0
Knowage Suite 7.3 is vulnerable to Stored Client-Side Template Injection in '/knowage/restful-services/signup/update' via the 'name' parameter.
network
eng CWE-74
3.5
2021-05-11 CVE-2020-26140 Injection vulnerability in Alfa Awus036H Firmware 6.1316.1209
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H.
low complexity
alfa CWE-74
3.3
2021-05-11 CVE-2020-26142 Injection vulnerability in Openbsd 6.6
An issue was discovered in the kernel in OpenBSD 6.6.
network
low complexity
openbsd CWE-74
5.0
2021-05-11 CVE-2021-27611 Injection vulnerability in SAP Netweaver AS Abap
SAP NetWeaver AS ABAP, versions - 700, 701, 702, 730, 731, allow a high privileged attacker to inject malicious code by executing an ABAP report when the attacker has access to the local SAP system.
local
low complexity
sap CWE-74
4.6
2021-05-11 CVE-2021-27614 Injection vulnerability in SAP Business-One-Hana-Chef-Cookbook and Business ONE
SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One on SAP HANA, allows an attacker to inject code that can be executed by the application.
local
low complexity
sap CWE-74
3.6