Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-01 | CVE-2005-3056 | Injection vulnerability in Twiki 200409023 TWiki allows arbitrary shell command execution via the Include function | 9.8 |
| 2019-10-31 | CVE-2019-18657 | Injection vulnerability in Yandex Clickhouse ClickHouse before 19.13.5.44 allows HTTP header injection via the url table function. | 5.3 |
| 2019-10-29 | CVE-2011-2538 | Injection vulnerability in Cisco Telepresence Video Communication Server Cisco Video Communications Server (VCS) before X7.0.3 contains a command injection vulnerability which allows remote, authenticated attackers to execute arbitrary commands. | 7.2 |
| 2019-10-25 | CVE-2019-4461 | Injection vulnerability in IBM Cloud Orchestrator IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 is vulnerable to HTTP Response Splitting caused by improper caching of content. | 5.4 |
| 2019-10-25 | CVE-2019-4396 | Injection vulnerability in IBM Cloud Orchestrator IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. | 5.4 |
| 2019-10-23 | CVE-2019-18348 | Injection vulnerability in Python An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. | 6.1 |
| 2019-10-23 | CVE-2019-11282 | Injection vulnerability in multiple products Cloud Foundry UAA, versions prior to v74.3.0, contains an endpoint that is vulnerable to SCIM injection attack. | 4.3 |
| 2019-10-18 | CVE-2019-17513 | Injection vulnerability in Ratpack Project Ratpack An issue was discovered in Ratpack before 1.7.5. | 7.5 |
| 2019-10-09 | CVE-2019-9535 | Injection vulnerability in Iterm2 A vulnerability exists in the way that iTerm2 integrates with tmux's control mode, which may allow an attacker to execute arbitrary commands by providing malicious output to the terminal. | 9.8 |
| 2019-10-09 | CVE-2019-4558 | Injection vulnerability in IBM Spectrum Scale A security vulnerability has been identified in all levels of IBM Spectrum Scale V5.0.0.0 through V5.0.3.2 and IBM Spectrum Scale V4.2.0.0 through V4.2.3.17 that could allow a local attacker to obtain root privilege by injecting parameters into setuid files. | 7.8 |