Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-19 | CVE-2024-10153 | Injection vulnerability in PHPGurukul Boat Booking System 1.0: A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. | 9.8 |
2024-09-19 | CVE-2024-25673 | Injection vulnerability in Couchbase Server: Couchbase Server 7.6.x before 7.6.2, 7.2.x before 7.2.6, and all earlier versions allows HTTP Host header injection. | 6.1 |
2024-09-17 | CVE-2024-45612 | Injection vulnerability in Contao: Contao is an Open Source CMS. | 5.3 |
2024-09-03 | CVE-2024-42903 | Injection vulnerability in LimeSurvey: A Host header injection vulnerability in the password reset function of LimeSurvey v.6.6.1+240806 and before allows attackers to send users a crafted password reset link that will direct victims to a malicious domain. | 6.5 |
2024-09-02 | CVE-2024-45312 | Injection vulnerability in Overleaf: Overleaf is a web-based collaborative LaTeX editor. | 5.3 |
2024-08-30 | CVE-2024-2881 | Injection vulnerability in WolfSSL 5.6.6: Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl 5.6.6 on Linux/Windows allows a remote attacker co-residing in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key structure. | 8.8 |
2024-08-29 | CVE-2024-1545 | Injection vulnerability in WolfSSL 5.6.6: Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl 5.6.6 on Linux/Windows allows a remote attacker co-residing in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the RsaKey structure. | 8.8 |
2024-08-29 | CVE-2024-45302 | Injection vulnerability in RestSharp: RestSharp is a Simple REST and HTTP API Client for .NET. | 7.8 |
2024-08-23 | CVE-2024-43782 | Injection vulnerability in Openedx Redwood1/Redwood2: This openedx-translations repository contains translation files from Open edX repositories to be kept in sync with Transifex. | 9.8 |
2024-08-14 | CVE-2024-31882 | Injection vulnerability in IBM Db2: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non-default configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. | 6.5 |