Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-02 | CVE-2019-15259 | Injection vulnerability in Cisco Unified Contact Center Express A vulnerability in Cisco Unified Contact Center Express (UCCX) Software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. | 6.1 |
| 2019-10-01 | CVE-2019-17068 | Injection vulnerability in multiple products PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content. | 7.5 |
| 2019-09-26 | CVE-2019-16532 | Injection vulnerability in Yzmcms 5.3 An HTTP Host header injection vulnerability exists in YzmCMS V5.3. | 6.1 |
| 2019-09-23 | CVE-2019-11277 | Injection vulnerability in Cloudfoundry Cf-Deployment and NFS Volume Release Cloud Foundry NFS Volume Service, 1.7.x versions prior to 1.7.11 and 2.x versions prior to 2.3.0, is vulnerable to LDAP injection. | 8.1 |
| 2019-09-16 | CVE-2017-18634 | Injection vulnerability in Tagdiv Newspaper 6.7.0/6.7.1 The newspaper theme before 6.7.2 for WordPress has script injection via td_ads[header] to admin-ajax.php. | 9.8 |
| 2019-09-13 | CVE-2019-5314 | Injection vulnerability in Arubanetworks Arubaos Some web components in the ArubaOS software are vulnerable to HTTP Response splitting (CRLF injection) and Reflected XSS. | 6.1 |
| 2019-09-12 | CVE-2019-5977 | Injection vulnerability in Cybozu Garoon Mail header injection vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 may allow a remote authenticated attackers to alter mail header via the application 'E-Mail'. | 4.3 |
| 2019-09-09 | CVE-2019-10665 | Injection vulnerability in Librenms An issue was discovered in LibreNMS through 1.47. | 9.8 |
| 2019-08-22 | CVE-2014-10386 | Injection vulnerability in 3CX Live Chat The wp-live-chat-support plugin before 4.1.0 for WordPress has JavaScript injections. | 6.1 |
| 2019-08-22 | CVE-2014-10394 | Injection vulnerability in Saschart Rich Counter 1.0.5/1.1.0/1.1.5 The rich-counter plugin before 1.2.0 for WordPress has JavaScript injection via a User-Agent header. | 6.1 |