Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-04 | CVE-2024-6331 | Injection vulnerability in Stitionai Devika stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable to Local File Read (LFI) by Prompt Injection. | 6.5 |
2024-07-25 | CVE-2024-40324 | Injection vulnerability in Datex-Soft E-Staff 5.1 A CRLF injection vulnerability in E-Staff v5.1 allows attackers to insert Carriage Return (CR) and Line Feed (LF) characters into input fields, leading to HTTP response splitting and header manipulation. | 5.4 |
2024-07-24 | CVE-2024-0231 | Injection vulnerability in Gitlab A resource misdirection vulnerability in GitLab CE/EE versions 12.0 prior to 17.0.5, 17.1 prior to 17.1.3, and 17.2 prior to 17.2.1 allows an attacker to craft a repository import in such a way as to misdirect commits. | 2.7 |
2024-07-01 | CVE-2024-38366 | Injection vulnerability in Cocoapods Trunk.Cocoapods.Org trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. | 10.0 |
2024-07-01 | CVE-2024-36420 | Injection vulnerability in Flowiseai Flowise 1.4.3 Flowise is a drag & drop user interface to build a customized large language model flow. | 7.5 |
2024-06-28 | CVE-2024-39704 | Injection vulnerability in Unknown-Corp Melty Blood Actress Again Current Code Soft Circle French-Bread Melty Blood: Actress Again: Current Code through 1.07 Rev. | 9.8 |
2024-06-05 | CVE-2024-5184 | Injection vulnerability in Emailgpt The EmailGPT service contains a prompt injection vulnerability. The service uses an API service that allows a malicious user to inject a direct prompt and take over the service logic. | 9.1 |
2024-03-11 | CVE-2024-0044 | Injection vulnerability in Google Android In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. | 6.7 |
2024-03-08 | CVE-2024-23268 | Injection vulnerability in Apple Macos An injection issue was addressed with improved input validation. | 7.8 |
2024-03-08 | CVE-2024-23274 | Injection vulnerability in Apple Macos An injection issue was addressed with improved input validation. | 7.8 |