Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-15 | CVE-2021-44537 | Injection vulnerability in Owncloud ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution. | 6.8 |
| 2022-01-14 | CVE-2021-44530 | Injection vulnerability in UI Unifi Network Controller An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) allows a malicious actor to control the application. | 7.5 |
| 2022-01-14 | CVE-2021-32649 | Injection vulnerability in Octobercms October October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. | 6.5 |
| 2022-01-14 | CVE-2021-32650 | Injection vulnerability in Octobercms October 1.0.472/1.1.5 October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. | 6.5 |
| 2022-01-10 | CVE-2021-29454 | Injection vulnerability in Smarty Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. | 6.5 |
| 2022-01-06 | CVE-2022-21663 | Injection vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. | 6.5 |
| 2022-01-03 | CVE-2021-25994 | Injection vulnerability in Userfrosting In Userfrosting, versions v0.3.1 to v4.6.2 are vulnerable to Host Header Injection. | 6.8 |
| 2021-12-30 | CVE-2021-4181 | Injection vulnerability in Wireshark Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | 5.0 |
| 2021-12-30 | CVE-2021-4182 | Injection vulnerability in Wireshark Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | 5.0 |
| 2021-12-30 | CVE-2021-4183 | Injection vulnerability in Wireshark 3.6.0 Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file | 4.3 |