Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-14 | CVE-2021-44530 | Injection vulnerability in UI Unifi Network Controller An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) allows a malicious actor to control the application. | 9.8 |
| 2022-01-12 | CVE-2021-42561 | Injection vulnerability in Mitre Caldera An issue was discovered in CALDERA 2.8.1. | 8.8 |
| 2022-01-10 | CVE-2021-29454 | Injection vulnerability in multiple products Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. | 8.8 |
| 2022-01-10 | CVE-2021-24948 | Injection vulnerability in Posimyth the Plus Addons for Elementor The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery parameter of the tp_get_dl_post_info_ajax AJAX action, which could allow unauthenticated users to retrieve sensitive information, such as private and draft posts | 7.5 |
| 2022-01-03 | CVE-2021-25994 | Injection vulnerability in Userfrosting In Userfrosting, versions v0.3.1 to v4.6.2 are vulnerable to Host Header Injection. | 8.8 |
| 2021-12-30 | CVE-2021-45818 | Injection vulnerability in Safarimontage Safari Montage 8.7.32 SAFARI Montage 8.7.32 is affected by a CRLF injection vulnerability which can lead to HTTP response splitting. | 6.1 |
| 2021-12-26 | CVE-2021-45655 | Injection vulnerability in Netgear R6400 Firmware NETGEAR R6400 devices before 1.0.1.70 are affected by server-side injection. | 6.8 |
| 2021-12-26 | CVE-2021-45656 | Injection vulnerability in Netgear products Certain NETGEAR devices are affected by server-side injection. | 7.8 |
| 2021-12-26 | CVE-2021-45657 | Injection vulnerability in Netgear products Certain NETGEAR devices are affected by server-side injection. | 7.8 |
| 2021-12-26 | CVE-2021-45658 | Injection vulnerability in Netgear products Certain NETGEAR devices are affected by server-side injection. | 9.8 |