Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-25 | CVE-2021-36348 | Injection vulnerability in Dell Integrated Dell Remote Access Controller 9 Firmware iDRAC9 versions prior to 5.00.20.00 contain an input injection vulnerability. | 8.1 |
| 2022-01-25 | CVE-2021-39031 | Injection vulnerability in IBM Websphere Application Server IBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 could allow a remote authenticated attacker to conduct an LDAP injection. | 8.8 |
| 2022-01-15 | CVE-2021-44537 | Injection vulnerability in multiple products ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution. | 7.8 |
| 2022-01-14 | CVE-2021-44530 | Injection vulnerability in UI Unifi Network Controller An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) allows a malicious actor to control the application. | 9.8 |
| 2022-01-12 | CVE-2021-42561 | Injection vulnerability in Mitre Caldera An issue was discovered in CALDERA 2.8.1. | 8.8 |
| 2022-01-10 | CVE-2021-24948 | Injection vulnerability in Posimyth the Plus Addons for Elementor The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery parameter of the tp_get_dl_post_info_ajax AJAX action, which could allow unauthenticated users to retrieve sensitive information, such as private and draft posts | 7.5 |
| 2022-01-03 | CVE-2021-25994 | Injection vulnerability in Userfrosting In Userfrosting, versions v0.3.1 to v4.6.2 are vulnerable to Host Header Injection. | 8.8 |
| 2021-12-30 | CVE-2021-45818 | Injection vulnerability in Safarimontage Safari Montage 8.7.32 SAFARI Montage 8.7.32 is affected by a CRLF injection vulnerability which can lead to HTTP response splitting. | 6.1 |
| 2021-12-26 | CVE-2021-45655 | Injection vulnerability in Netgear R6400 Firmware NETGEAR R6400 devices before 1.0.1.70 are affected by server-side injection. | 6.8 |
| 2021-12-26 | CVE-2021-45656 | Injection vulnerability in Netgear products Certain NETGEAR devices are affected by server-side injection. | 7.8 |