Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-19 | CVE-2017-20174 | Injection vulnerability in Getkirby Webmentions A vulnerability was found in bastianallgeier Kirby Webmentions Plugin and classified as problematic. | 9.8 |
| 2023-01-18 | CVE-2023-0040 | Injection vulnerability in Asynchttpclient Project Async-Http-Client Versions of Async HTTP Client prior to 1.13.2 are vulnerable to a form of targeted request manipulation called CRLF injection. | 7.5 |
| 2023-01-17 | CVE-2023-23749 | Injection vulnerability in Miniorange Ldap Integration With Active Directory and Openldap 5.0.2 The 'LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login' extension is vulnerable to LDAP Injection since is not properly sanitizing the 'username' POST parameter. | 7.5 |
| 2023-01-17 | CVE-2015-10062 | Injection vulnerability in Galaxyproject Galaxy A vulnerability, which was classified as problematic, was found in galaxy-data-resource up to 14.10.0. | 9.8 |
| 2023-01-15 | CVE-2023-0302 | Injection vulnerability in Radare Radare2 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2. | 7.8 |
| 2023-01-07 | CVE-2015-10027 | Injection vulnerability in Ttrrs-Auth-Ldap Project Ttrrs-Auth-Ldap 0.5 A vulnerability, which was classified as problematic, has been found in hydrian TTRSS-Auth-LDAP. | 9.8 |
| 2023-01-05 | CVE-2022-37933 | Injection vulnerability in HPE products A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. | 7.8 |
| 2023-01-03 | CVE-2022-42471 | Injection vulnerability in Fortinet Fortiweb An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability [CWE-113] In FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.4.0 through 6.4.2, FortiWeb version 6.3.6 through 6.3.20 may allow an authenticated and remote attacker to inject arbitrary headers. | 5.4 |
| 2023-01-02 | CVE-2016-15007 | Injection vulnerability in Centralized Salesforce Development Framework Project Centralized Salesforce Development Framework A vulnerability was found in Centralized-Salesforce-Dev-Framework. | 9.8 |
| 2023-01-02 | CVE-2017-20161 | Injection vulnerability in Macgeiger Project Macgeiger A vulnerability classified as problematic has been found in rofl0r MacGeiger. | 7.8 |