Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-08	CVE-2022-33011	Injection vulnerability in Withknown Known Known v1.3.1+2020120201 was discovered to allow attackers to perform an account takeover via a host header injection attack. network low complexity withknown CWE-74	8.8
2022-07-05	CVE-2022-31014	Injection vulnerability in Nextcloud Server Nextcloud server is an open source personal cloud server. network low complexity nextcloud CWE-74	3.5
2022-07-01	CVE-2022-34903	Injection vulnerability in multiple products GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. network high complexity gnupg fedoraproject debian netapp CWE-74	6.5
2022-06-30	CVE-2013-4144	Injection vulnerability in Swfupload Project Swfupload 3.5.2 There is an object injection vulnerability in swfupload plugin for wordpress. network low complexity swfupload-project CWE-74 critical	9.8
2022-06-06	CVE-2022-29631	Injection vulnerability in Jodd Http Jodd HTTP v6.0.9 was discovered to contain multiple CLRF injection vulnerabilities via the components jodd.http.HttpRequest#set and `jodd.http.HttpRequest#send. network low complexity jodd CWE-74	7.5
2022-06-02	CVE-2020-28246	Injection vulnerability in Form Form.Io 2.0.0 A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. network low complexity form CWE-74 critical	9.8
2022-05-11	CVE-2022-22975	Injection vulnerability in VMWare Pinniped An issue was discovered in the Pinniped Supervisor with either LADPIdentityProvider or ActiveDirectoryIdentityProvider resources. network high complexity vmware CWE-74	6.6
2022-05-05	CVE-2022-29166	Injection vulnerability in Matrix IRC Bridge matrix-appservice-irc is a Node.js IRC bridge for Matrix. network low complexity matrix CWE-74	8.8
2022-04-21	CVE-2022-27924	Injection vulnerability in Zimbra Collaboration 8.8.15/9.0.0 Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance. network low complexity zimbra CWE-74	7.5
2022-04-15	CVE-2022-28345	Injection vulnerability in Signal The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. network low complexity signal CWE-74	7.5