Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-06 | CVE-2021-43038 | Injection vulnerability in Kaseya Unitrends Backup An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. | 8.8 |
| 2021-11-24 | CVE-2021-38873 | Injection vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is potentially vulnerable to CSV Injection. | 7.8 |
| 2021-11-23 | CVE-2021-37033 | Injection vulnerability in Huawei Emui and Magic UI There is an Injection attack vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. | 7.5 |
| 2021-11-20 | CVE-2021-36322 | Injection vulnerability in Dell products Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection vulnerability. | 6.1 |
| 2021-11-11 | CVE-2021-34419 | Injection vulnerability in Zoom Client for Meetings In the Zoom Client for Meetings for Ubuntu Linux before version 5.1.0, there is an HTML injection flaw when sending a remote control request to a user in the process of in-meeting screen sharing. | 5.3 |
| 2021-11-11 | CVE-2021-43350 | Injection vulnerability in Apache Traffic Control An unauthenticated Apache Traffic Control Traffic Ops user can send a request with a specially-crafted username to the POST /login endpoint of any API version to inject unsanitized content into the LDAP filter. | 9.8 |
| 2021-11-11 | CVE-2021-25980 | Injection vulnerability in Talkyard In Talkyard, versions v0.04.01 through v0.6.74-WIP-63220cb, v0.2020.22-WIP-b2e97fe0e through v0.2021.02-WIP-879ef3fe1 and tyse-v0.2021.02-879ef3fe1-regular through tyse-v0.2021.28-af66b6905-regular, are vulnerable to Host Header Injection. | 8.8 |
| 2021-11-09 | CVE-2021-43185 | Injection vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection. | 9.8 |
| 2021-11-03 | CVE-2021-36697 | Injection vulnerability in Artica Pandora FMS With an admin account, the .htaccess file in Artica Pandora FMS <=755 can be overwritten with the File Manager component. | 6.7 |
| 2021-10-22 | CVE-2020-23050 | Injection vulnerability in Taotesting TAO Assessment Platform 3.3.0 TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a HTML injection vulnerability in the userFirstName parameter of the user account input field. | 8.0 |