Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-07 | CVE-2022-37108 | Injection vulnerability in Securonix Snypr 6.4 An injection vulnerability in the syslog-ng configuration wizard in Securonix Snypr 6.4 allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by appending arbitrary text to text files that are executed by the system, such as users' crontab files. | 7.2 |
| 2022-08-25 | CVE-2022-37240 | Injection vulnerability in Altn Security Gateway for Email Servers 8.5.2 MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter. | 9.8 |
| 2022-08-25 | CVE-2022-37242 | Injection vulnerability in Altn Security Gateway for Email Servers 8.5.2 MDaemon Technologies SecurityGateway for Email Servers 8.5.2, is vulnerable to HTTP Response splitting via the data parameter. | 9.8 |
| 2022-08-22 | CVE-2022-34773 | Injection vulnerability in Tabit Tabit - HTTP Method manipulation. | 9.8 |
| 2022-08-18 | CVE-2022-32453 | Injection vulnerability in Cybozu Office HTTP header injection vulnerability in Cybozu Office 10.0.0 to 10.8.5 may allow a remote attacker to obtain and/or alter the data of the product via unspecified vectors. | 6.5 |
| 2022-08-15 | CVE-2022-38357 | Injection vulnerability in Eyeofnetwork Eyes of Network web 5.3 Improper neutralization of special elements leaves the Eyes of Network Web application vulnerable to an iFrame injection attack, via the url parameter of /module/module_frame/index.php. | 8.8 |
| 2022-08-15 | CVE-2022-35954 | Injection vulnerability in Github Toolkit The GitHub Actions ToolKit provides a set of packages to make creating actions easier. | 5.0 |
| 2022-08-05 | CVE-2022-31658 | Injection vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. | 7.2 |
| 2022-08-05 | CVE-2022-31665 | Injection vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. | 7.2 |
| 2022-08-04 | CVE-2022-35735 | Injection vulnerability in F5 products In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, an authenticated attacker with Resource Administrator or Manager privileges can create or modify existing monitor objects in the Configuration utility in an undisclosed manner leading to a privilege escalation. | 7.2 |