Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-19 | CVE-2020-12873 | An issue was discovered in Alfresco Enterprise Content Management (ECM) before 6.2.1. | 9.0 |
2021-02-16 | CVE-2021-21316 | less-openui5 is an npm package which enables building OpenUI5 themes with Less.js. | 0.0 |
2021-02-16 | CVE-2020-35564 | Injection vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24 An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. | 5.0 |
2021-02-15 | CVE-2020-35775 | Injection vulnerability in Citsmart 9.1.2.23 CITSmart before 9.1.2.23 allows LDAP Injection. | 7.5 |
2021-02-12 | CVE-2021-20644 | Injection vulnerability in Elecom Wrc-1467Ghbk-A Firmware ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the user's web browser by displaying a specially crafted SSID on the web setup page. | 4.3 |
2021-02-11 | CVE-2021-23335 | Injection vulnerability in Is-User-Valid Project Is-User-Valid All versions of package is-user-valid are vulnerable to LDAP Injection which can lead to either authentication bypass or information exposure. | 5.0 |
2021-02-10 | CVE-2021-27185 | Injection vulnerability in Samba-Client Project Samba-Client The samba-client package before 4.0.0 for Node.js allows command injection because of the use of process.exec. | 7.5 |
2021-02-09 | CVE-2021-21479 | Injection vulnerability in SAP Scimono In SCIMono before 0.0.19, it is possible for an attacker to inject and execute java expression compromising the availability and integrity of the system. | 6.4 |
2021-02-08 | CVE-2021-21305 | Injection vulnerability in Carrierwave Project Carrierwave CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications. | 7.5 |
2021-02-08 | CVE-2020-7786 | Injection vulnerability in Macfromip Project Macfromip This affects all versions of package macfromip. | 7.5 |